Re: [Debconf-discuss] list of valid documents for KSPs

[Manoj Srivastava <srivasta@debian.org>]

On 28 May 2006, Thomas Bushnell told this:

>>> This may be true, except that *the document was not forged*.
>>
>> So you continue to claim.  And since you make statements like this
>> with no discernible means of you having verified them, I do not see
>> how discussion with you has any value whatsoever -- you'll make any
>> statements to back your position, whether or not you know them to
>> be true.
>
> It is as if you don't bother to read what you are replying to.
>
> Notice I said "as it has been reported."  

        I also noticed whom it was so reported -- and the second
 statement you made was an emphatic one, with no such disclaimers.

> So help me out here: are you claiming that Martin's card was *not* a
> genuine credential from the Transnational Republic?  If so, do you
> have any evidence for that?  You seem to be upset at Martin, or at
> the people who signed his key, but I can't tell what *exactly* is
> the basis for the anger.

        Hmm. Let us see here. A KSP is one where one presents the best
 papers one has, since the tacit understanding is that the cheks that
 had been undergone, and the international treeaties and laws governing
 travel papers (or national laws governing misuse of such documents)
 are a proxy for checks that the people at the party are unable to
 perform.

        A good faith participation in a key signing party would have
 involved all us foreigners presenting our passports, and being
 present to get our keys signed, and extending the web of trust for
 Debian.

        This is not what that individual who porports to be Marting
 actually did:  by self confession, the participation was to
 "experiment" with the expectation of trust and to game the system to
 "prove" how weak it was.  At this point, the expectation of good
 faith participation is broken; we now have a social enginnering
 exploit based on expectations of the people (something all grifters
 know and exploit).

        The expectation of trust is broken, as is the trust I have in
 that individual. What is the trust path I have to determine if the
 papers presented were not fake? Ah, yes, the words of the scam
 artist.  As far as I can tell, the person or organization has not
 entered into bilateral agreements with an agency or government I
 have even an iota of trust in, nor would there be any consequences
 for these organizations to issue fake papers.

        So, once someone acts in bad faith, I can't trust anything
 else they say: How do I know it is not a hoax within a hoax to see
 how gullible people are, to accept that the papers presented were not
 faked, or outright forgeries?

        Once he has broken faith, nothing coming from that source can
 be accepted, since the source is now tainted.  Any information flow
 with that origination is tainted, and since you offer the same
 statements, without any form of untainting that is visible, I think
 you are rapidly approaching the untrusted relay category.

        It is all basic information flow analysis.

        manoj
-- 
The District of Columbia has a law forbidding you to exert pressure on
a balloon and thereby cause a whistling sound on the streets.
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C