Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 26 May 2006, Wouter Verhelst told this:
> On Fri, May 26, 2006 at 11:57:09AM +0200, Michael Meskes wrote:
>> This may be a silly question but doesn't my signature only state
>> that I certify this key really belongs to the person it seems to
>> belong to?
>
> That aside, personally, I don't know what the big fuzz is about. I
Err, I thought I had already elucidated what my concerns were.
> know who Martin Krafft is; I've seen him at a number of FOSDEM
> instances, and I've seen him last year in Helsinki, where I called
> him by his name (to which he reacted), and where literally hundreds
> of others did the same. Considering that, I don't need a
> government-issued ID to be sure that he is indeed who he claims to
> be. I suspect the same is true for many of the other Debian people
> there.
This is why they say that the plural of anecdote is not data.
I am pretty sure I am not the only person at debconf6 for whom this
was the first debconf. If the source of all our identity
verification is a) a person says who he is, and b) presents a perhaps
purchased off the internet doc saying the same thing, I am not sure
_how_ one can have a trust relationship between a name and a
fingerprint.
manoj
--
Don't despair; your ideal lover is waiting for you around the corner.
Manoj Srivastava <manoj.srivastava@stdc.com> <srivasta@acm.org>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: