[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: I'm not quitting that easy. (Was: Re: I would like to vote also.)

On Fri, Dec 08, 2000 at 07:39:54PM -0300, Nicol?s Lichtmaier wrote:
>  There isn't a string relationship betwen identification and Debian trust.
> If someone's key is signed, that doesn't mean that the signer certifies a
> person as a good and kosher developer. In the other hand, my key is in the
> keyring and it isn't signed by anyone...
>  Not everybody lives a couple of hours away from other developers...

Ahh, but Karl does - and Karl has a history of asking (in public) for
people to sign his key without proof of identity.  He's tried very hard in
fact.  This rates him as completely untrusted IMO because he has willingly
and repeatedly tried to compromise our web of trust despite explanations
of just how wrong what he's trying to do is.

Further, he has resigned.  Twice that I've seen.  If his resignation
hasn't been officially accepted, I'd question why nothing has been done
about the obvious attack on the project's security.

Joseph Carter <knghtbrd@debian.org>               GnuPG key 1024D/DCF9DAB3
Debian GNU/Linux (http://www.debian.org/)         20F6 2261 F185 7A3E 79FC
The QuakeForge Project (http://quakeforge.net/)   44F9 8FF7 D7A3 DCF9 DAB3

<Joy> that's a Kludge(TM)
<knghtbrd> It Works(tm)
<Joy> AIX works(TM)
<knghtbrd> no it doesn't
<knghtbrd> =>

Reply to: