[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: key sign

On Wed, Jun 27, 2007 at 01:04:30PM -0300, Guilherme de S. Pastore wrote:
> Em Qua, 2007-06-27 às 19:28 +0330, Amin Shali escreveu:
> > Hi :)
> > Can anyone please sign my key? 
> No.
> Quoting http://www.debian.org/events/keysigning:
> "You should never sign a key for somebody else you haven't met
> personally. Signing a key based on anything other than first-hand
> knowledge destroys the utility of the Web of Trust. If ones friend
> presents other developers with your ID card and your fingerprint, but
> you are not there to verify that the fingerprint belongs to you, what do
> other developers have to link the fingerprint to the ID? They have only
> the friend's word, and the other signatures on your key -- this is no
> better than if they signed your key just because other people have
> signed it!
Or more importantly, why do you want it signed? To become a new
maintainer or to become a debian maintainer (who is not part of debian)
who can have their packages uploaded to Debian? You man want to look
into mentors.debian.net or look into
http://www.debian.org/devel/join/newmaint ?
|  .''`.  == Debian GNU/Linux == |       my web site:           |
| : :' :      The  Universal     |mysite.verizon.net/kevin.mark/|
| `. `'      Operating System    | go to counter.li.org and     |
|   `-    http://www.debian.org/ |    be counted! #238656       |
|  my keyserver: subkeys.pgp.net |     my NPO: cfsg.org         |
|join the new debian-community.org to help Debian!              |
|_______  Unless I ask to be CCd, assume I am subscribed _______|

Attachment: pgpAJh5Z1HJw_.pgp
Description: PGP signature

Reply to: