On Wed, Sep 15, 2010 at 11:57:25AM -0400, Perry E. Metzger wrote: > On Wed, 15 Sep 2010 12:41:49 -0300 Henrique de Moraes Holschuh > <email@example.com> wrote: > > On Wed, 15 Sep 2010, Felipe Sateler wrote: > > > On 14/09/10 01:18, Gunnar Wolf wrote: > > > > - Your new key should be signed by two or more other Debian > > > > Developers > > > > > > The NM and DM processes require only one signature. Why is it > > > harder to replace a key than to become a DD? > > > > Or rather, why the requirements for the first key any weaker than > > those for DD key replacement? > > Or rather, what is the specific threat that the policy is designed to > address? Does it succeed? The question for a key for a new DM/DD is "Are we sure this person is who we think it is?". For a replacement key for an existing key it's "Are we sure this key belongs to the person we already know of as a different key, and that they want the key replaced.". The first is simpler than the second and doesn't risk locking a developer out from access to the project. Personally I'd like to require 2 signatures for new DM/DDs but I understand that would raise the bar to project entry in an unhelpful fashion. J. -- Documentation - The worst part | .''`. Debian GNU/Linux Developer of programming. | : :' : Happy to accept PGP signed | `. `' or encrypted mail - RSA | `- key on the keyservers.
Description: Digital signature