On Tuesday 30 May 2006 10:40, Joe Smith wrote: > But Martin decided to publish this experiment. > Is this really a bad thing? He proved that KSP are bad for the web of > trust. Isn't what Martin and this thread actually demonstrated is that signing keys based on IDs you cannot reasonably authenticate as real, with a focus on quantity instead of quality among KSP participants is the real problem at hand? Even the guy at 7-Eleven has the big book of north american ID cards with pictures and descriptions of what makes a real one for when they encounter an ID that they've never seen before. Surely Debian can do as well as the guy selling cigarettes and beer at the 7-Eleven when it comes to verification... -- Paul Johnson Email and IM (XMPP & Google Talk): baloo@ursine.ca Jabber: Because it's time to move forward http://ursine.ca/Ursine:Jabber
Attachment:
pgpVUctWVBx8x.pgp
Description: PGP signature