[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please revoke your signatures from Martin Kraff's keys



On Friday 26 May 2006 07:06, Manoj Srivastava wrote:
> On 25 May 2006, Thomas Bushnell told this:
> > Manoj Srivastava <srivasta@debian.org> writes:
> >> Based on this, I strongly suggest that mere signatures on a new
> >> maintainers key from a DD be also not enough, since people have now
> >> effectively proven how easily signatures may be obtained at a large
> >> KSP by just about anyone with money for a easily faked ID.
> >
> > What would you suggest instead?
>
>         Stop signing keys for Debian developers, since purchased ID's
>  are acceptable in this community?

That is a fact not in evidence with supplied information.  As I gather, Martin 
was carrying a passport, his German ID and the quasi-fake Transnational 
Republic ID.  If I had been presented with his TR ID, I would probably laugh 
and say, "OK, now how about one from a real jurisdiction."

-- 
Paul Johnson
Email and IM (XMPP & Google Talk): baloo@ursine.ca
Jabber: Because it's time to move forward  http://ursine.ca/Ursine:Jabber

Attachment: pgpXBSpZY9NI7.pgp
Description: PGP signature


Reply to: