Re: [Debconf-discuss] GPG keysigning?
martin f krafft wrote:
> also sprach Russ Allbery <rra@debian.org> [2009.06.23.0158 +0200]:
>> Meeting in person and exchanging government ID or something that
>> looks good enough to fool people is a compromise position, but
>> I do think there's a general feeling that it's close to a sweet
>> spot in that tradeoff for what we want out of our web of trust.
>
> Alright, I agree that it's not as useless as I sometimes portray it.
> But it's still woefully arbitrary.
The fact that different governments may have different levels of
security/reliablity attached to their documents does not render the
process arbitrary. Sticking to government IDs is a simple *rule*,
sticking to some more or less vague other proofs of identity was
*arbitrary* [1].
Cheers,
Johannes
[1] I consider 'rule' an antonym of 'arbitrary'. The absence of rules
leads to arbitrary outcomes. ;-)
Reply to: