Re: [Debconf-discuss] list of valid documents for KSPs
On Tue, May 30, 2006 at 07:49:34AM -0500, Manoj Srivastava wrote:
> > What Martin Krafft showed you was,
> How do I know that person actually was Martin Krafft?
So if you have no idea whether or not someone was Martin Krafft, how
can you ask everyone to revoke all signatures for Martin Krafft as you
did earlier. That is really unreasonable.
Does that mean that if someone shows up at an future keysigning party
at OLS, for example, with an Transational Republic ID which has the
name "Manoj Srivastava", that everyone would be therefore be entitled
to demand on debian-devel that all signatures for "Manoj Srivastava"
should now be revoked? After all, we have no idea if anyone who might
or might not have been "Manoj Srivastava" might or might not have
produced an identification documents that may or may not have been
false. We don't know!
Do you see how rediculous this is? How irrational you are being?
Let me try to spell it out another way. Either the entity at the the
KSP who was allegedly Martin Krafft was indeed Martin Krafft, or he
was not. It must be one or the other; you seem to be arguing things
both ways, and you don't get to do that.
If he was Martin Krafft, then he didn't carry out any attack! No
identity was forged, and no harm was done. Maybe he presented
identification that you wouldn't accept, but that is not intrinsically
wrong! If the entity was indeed Martin Krafft, then that entity broke
no criminal, civil, nor moral laws.
If he was not Martin Krafft, then the real Martin Krafft was not
culpable, and your arguments that the real Martin Krafft should
therefore be censured in any way shape or form is not just. And as
I've shown, if someone showing up with forged identity papers is
enough to demand that all signatures on a key be revoked, it would be
trivially easy for me or anyone else to arrange to have someone show
up at OLS with forged identity papers with your name, and carry out a
fairly devasting denial of service attack.....
> I say people who try to trick me into signing a key based on
> an untrusted process of identity verification are evil doers.
And I say, as have others, that "untrusted process of identity
verification" is by definition not an absolute term. So how can you
say that someone is an evil doer just because they present a form of
identity which happens to be untrusted by *you*. What if someone
presents an University ID? That isn't an government ID; does that
mean they are evil? Quick, consign them to the Nineth Circle of Hell,
reserved for traitors and people who commit treason! I say this is
insanity. And obviously argument by assertion is a valid form of
argument, since you seem to use it liberally. :-)
> A boss with no humor is like a job that's no fun.
I guess you don't see how ironic your signature line is....