Re: RFS: kernelcheck
David Paleino <d.paleino@gmail.com> writes:
> On Sat, 20 Jun 2009 09:04:32 +0100, Matthew Johnson wrote:
>> Also, going back to the note about reputation; There's no reason
>> reputation can't be associated with a pseudonym or with a GPG key
>> attached to a pseudonym.
>
> How do you sign such a key? You'd break the web of trust, if you don't
> check at least one government-issued document having a photo.
The web of trust isn't about governments; it's about signing the keys of
people whose identity you've verified. Governments are just a
convenient proxy to let us expand the web of trust to people whom no
other DD knows in person.
I would happily sign the key of someone with a pseudonym if I had
personal knowledge that the person who's key I was signing was the same
person who was widely known by that pseudonym on-line. It would
require, in general, a personal friendship or similar detailed
knowledge, but it's possible.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: