[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Debconf-discuss] GPG keysigning?

martin f krafft wrote:
> also sprach Russ Allbery <rra@debian.org> [2009.06.23.0158 +0200]:
>> Meeting in person and exchanging government ID or something that
>> looks good enough to fool people is a compromise position, but
>> I do think there's a general feeling that it's close to a sweet
>> spot in that tradeoff for what we want out of our web of trust.
> 
> Alright, I agree that it's not as useless as I sometimes portray it.
> But it's still woefully arbitrary.

The fact that different governments may have different levels of
security/reliablity attached to their documents does not render the
process arbitrary. Sticking to government IDs is a simple *rule*,
sticking to some more or less vague other proofs of identity was
*arbitrary* [1].

Cheers,
Johannes

[1] I consider 'rule' an antonym of 'arbitrary'. The absence of rules
leads to arbitrary outcomes. ;-)
Reply to: