
Re: Bits from keyring-maint



On Wed, Sep 15, 2010 at 11:57:25AM -0400, Perry E. Metzger wrote:
> On Wed, 15 Sep 2010 12:41:49 -0300 Henrique de Moraes Holschuh
> <hmh@debian.org> wrote:
> > On Wed, 15 Sep 2010, Felipe Sateler wrote:
> > > On 14/09/10 01:18, Gunnar Wolf wrote:
> > > > - Your new key should be signed by two or more other Debian
> > > > Developers
> > > 
> > > The NM and DM processes require only one signature. Why is it
> > > harder to replace a key than to become a DD?
> > 
> > Or rather, why are the requirements for the first key any weaker than
> > those for DD key replacement?
> 
> Or rather, what is the specific threat that the policy is designed to
> address? Does it succeed?

The question for a key for a new DM/DD is "Are we sure this person is
who we think they are?". For a replacement key for an existing key it's
"Are we sure this key belongs to the person we already know of as a
different key, and that they want the key replaced?". The first is
simpler than the second and doesn't risk locking a developer out from
access to the project.

Personally I'd like to require 2 signatures for new DM/DDs but I
understand that would raise the bar to project entry in an unhelpful
fashion.

J.

-- 
  Documentation - The worst part   |  .''`.  Debian GNU/Linux Developer
          of programming.          | : :' :  Happy to accept PGP signed
                                   | `. `'   or encrypted mail - RSA
                                   |   `-    key on the keyservers.
