[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Debconf-discuss] list of valid documents for KSPs

Manoj Srivastava <srivasta@debian.org> writes:

>         I see you have never been in a large key signing party.  There
>  is a certain expectation of trust, since no one can actrually detect
>  delibrate forgeries. 

Except that there was nothing forged about Martin's ID card, as it has
been reported.  It was exactly what it claimed to be, nothing more and
nothing less.

>         If people start bringing in forged documents,  no amount of
>  caution on part of laypeople like most software developers is proof
>  against such deception.  If such deception is accepted behaviour, we
>  may as well throw out thetrust metric, and let /. upload packages
>  into Debian.

This may be true, except that *the document was not forged*.
Reply to: