[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [New maintainer] Working for Debian and becoming a registere

>>"Jaldhar" == Jaldhar H Vyas <jaldhar@debian.org> writes:

 Jaldhar> How about if x amount of signatures on your key where x
 Jaldhar> could be something like 10 qualified you to be on the
 Jaldhar> new-maintainer team?  The more your key has been signed, the
 Jaldhar> more the Debian community trusts you right?  You could also
 Jaldhar> stipulate that some or all signatures have to be from
 Jaldhar> developers in good standing for over a year, holders of
 Jaldhar> Debian offices etc. etc.

        This is a bad idea. A signature on a public key just verifies
 that the signator is willing to testify that you have a claim to the
 name on your key. There is *NO* claim made about how much you should
 be trusted, and using ID verification as a metric of suitability for
 the new maintainer team (or anything at all) is not good.

 Eureka! Archimedes
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

Reply to: