Re: non-DD contributors and the debian keyring
On Wed, Aug 20, 2003 at 11:29:52PM +0200, Martin Quinson wrote:
> But the point is that without the key, anyone can forge mails which seem to
> come from me, and thus abuse the trust my work gained me in the mind of some
> DDs.
>
> I see this point as necessary even if not sufficient.
Ok, a valid key gives trust that your work is really made by you. But what
this key needs is signatures from trusted people (e.g. from other Debian
developers) and for that it doesn't have to be in Debian's keyring at all.
Just send the people you work with your public key with its signatures
- you don't even have to go via any keyserver at all.
Cheers, Peter
--
Peter van Rossum, <petervr@nmsu.edu> | Universal law of linearity: for all
Dept. of Mathematics, New Mexico | f : R -> R and for all x, y in R:
State University, Las Cruces, NM, USA. | f(x + y) = f(x) + f(y)
Reply to: