
Re: I'm not quitting that easy. (Was: Re: I would like to vote also.)



On Mon, Dec 11, 2000 at 09:32:35AM +1100, Glenn McGrath wrote:
> Would it really matter if there was a debian developer that works really
> hard and had NOT proven their ID beyond a shadow of a doubt.

Yes it matters.  The only security Debian has is through that identity and
the trust placed in it.  There are developers with unsigned keys because
somehow you have to bootstrap the process.

The problem with Karl was created when he lost his old key (I forget if he
misplaced the secret or if he revoked it..)  At that point his old key was
useless and he needed a new one.  Since the old one had been accepted, he
attempted to short-circuit the process of re-establishing his identity.

He tried very hard (and is still trying) to get around it, to the point of
publicly asking people to sign his key based on things he himself agrees
prove nothing about his identity.  This makes it clear that he is trying
to get around securing the key's identity and he knows it.


> It's not that hard to recognise some people by the style and content of
> their writing, I'm sure that Karl is the one and only Karl M. Hegbloom
> that has ever posted to debian mailing lists.

Karl is pretty obviously Karl.  But is his key obviously his key?
Remember that a key signature is the digital equivalent of your hand
written signature.  You sure wouldn't want someone out there using your
written signature on things more than you would your digital one.  How do
you prove your signature is valid?  To a bank, you provide multiple forms
of ID, one involving a picture and your signature.  The bank keeps your
signature on record and uses that as verification.  Pay by credit card?
They ask to see the card and often your ID as well.  They're comparing
signatures.  These things ARE important.


> Has this thread ever been more than just a personal attack?
> 
> Why don't we judge people by their work/contribution?

You mean like Karl's contribution of asking for signatures on a key that
anyone could have put there?  At this point as far as I'm concerned, it's
about protecting the keyring's trust.  Karl's stability notwithstanding
(although I highly question it at this point), what he's been trying to do
for some time now is forge a proven identity.  It may be his own.  It
likely is his own.  Still, his or not, trying to cheat the process makes
him not trusted.  And people that aren't trusted shouldn't have root to my
box, as all developers do.

-- 
Joseph Carter <knghtbrd@debian.org>               GnuPG key 1024D/DCF9DAB3
Debian GNU/Linux (http://www.debian.org/)         20F6 2261 F185 7A3E 79FC
The QuakeForge Project (http://quakeforge.net/)   44F9 8FF7 D7A3 DCF9 DAB3

<Knghtbrd> you people are all insane.
<Joey> knight: sure, that's why we work on Debian.
<JHM> Knghtbrd: get in touch with your inner nutcase.


