Re: [Debconf-discuss] list of valid documents for KSPs

To: debian-devel@lists.debian.org
Subject: Re: [Debconf-discuss] list of valid documents for KSPs
From: Henning Makholm <henning@makholm.net>
Date: Wed, 31 May 2006 04:34:51 +0200
Message-id: <[🔎] 87wtc2oras.fsf@kreon.lan.henning.makholm.net>
References: <[🔎] 871wuiimii.fsf@glaurung.internal.golden-gryphon.com> <[🔎] 87lkspg5zr.fsf@glaurung.internal.golden-gryphon.com> <[🔎] 20060525222648.GB6863@glandium.org> <[🔎] 200605251745.45833.baloo@ursine.ca> <[🔎] 20060526145419.GA9673@javifsp.no-ip.org> <[🔎] 20060527152835.GA3026@esaurito.net> <[🔎] 20060527211248.GB5547@mauritius.dodds.net> <[🔎] 87bqtj9dm5.fsf@informatik.uni-tuebingen.de> <[🔎] u1hodxjx8m2.fsf@kempis.becket.net> <[🔎] 87ac92cb5n.fsf@glaurung.internal.golden-gryphon.com> <[🔎] u1hd5dxeh9d.fsf@kempis.becket.net> <[🔎] 87zmh1bk89.fsf@glaurung.internal.golden-gryphon.com> <[🔎] u1hejydtsan.fsf@kempis.becket.net> <[🔎] 87k683px9b.fsf@glaurung.internal.golden-gryphon.com>

Scripsit Manoj Srivastava <srivasta@debian.org>

>         Nothing that a general software developer can do to check an
>  ID is proof against a determined individual, we all assume that there
>  is a gentleman's agreement in place that such an attack is not
>  mounted.

If you _really_ believed that you could depend on people keeping any
gentleman's agreement, the whole charade of holding a KSP would be
completely pointless.

The only reason to hold a KSP is that one _does not_ believe that
people are capable of keeping gentlemen's agreements.

And you calling me and others naive for pointing out this obvious fact
is not going to change it.

>  good faith would have been to present the official ID and extend
>  the web of trust.

A security mechanism that only works in the non-presense of fraudsters
is no security mechanism at all.

-- 
Henning Makholm                                 "I can get fat! I can sing!"

Reply to:

References:
- Please revoke your signatures from Martin Kraff's keys
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
  - From: Manoj Srivastava <srivasta@acm.org>
- Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
  - From: Mike Hommey <mh@glandium.org>
- Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
  - From: Paul Johnson <baloo@ursine.ca>
- Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
  - From: Javier Fernández-Sanguino Peña <jfs@debian.org>
- list of valid documents for KSPs (was: Please revoke your signatures from Martin Kraff's keys)
  - From: Filippo Giunchedi <filippo@debian.org>
- Re: [Debconf-discuss] list of valid documents for KSPs (was: Please revoke your signatures from Martin Kraff's keys)
  - From: Steve Langasek <vorlon@debian.org>
- Re: [Debconf-discuss] list of valid documents for KSPs
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: [Debconf-discuss] list of valid documents for KSPs
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: [Debconf-discuss] list of valid documents for KSPs
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: [Debconf-discuss] list of valid documents for KSPs
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: [Debconf-discuss] list of valid documents for KSPs
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: [Debconf-discuss] list of valid documents for KSPs
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: [Debconf-discuss] list of valid documents for KSPs
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: adding ddccontrol to debian
Next by Date: Re: Real Life hits: need to give up packages for adoption
Previous by thread: Re: [Debconf-discuss] list of valid documents for KSPs
Next by thread: Re: [Debconf-discuss] list of valid documents for KSPs
Index(es):
- Date
- Thread