Re: Keysigning via Video Conferencing
On Jun 23 2016, firstname.lastname@example.org wrote:
> Hello Everyone,
> Sorry to interject in this matter however it is beginning to become
You may be contributing to this, because you clearly haven't actually
read the thread.
> If a Debian Developer is to sign your key, they will need to be
> familiar with you, have formal identification (not just photographs)
> and also have the ability to provide proof, if asked that you are who
> you claim to be. The process will not go any other way and you can't
> attempt to circumnavigate the inevitable fact that you cannot have
> your key signed online.
Except that Gunnar, with his keyring maintainer hat on, has stated
something quite different:
> The medium you use to verify your counterpart's identity when
> performing a signature is completely up to you; I could be perfectly
> happy with cross-signing with $person via videoconferencing — But what
> we push, what we *really* expect each of us to do, is to actually
> *ensure identity*.
> Now, I have said this too many times, but once more: As keyring-maint,
> we are not collecting samples of people showing valid-looking ID
> documents to others. This is one of the issues why we don't have
> long-queue key signing parties: Just checking the ID of a complete
> stranger is not real identity validation.
> My personal guideline is that I will sign your key if and only if I
> see your face and can think of your name, and the opposite way
GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F
»Time flies like an arrow, fruit flies like a Banana.«