
Re: [nm-admin] Identification step in the current scheme (Re: Fe



On Sun, Jul 30, 2000 at 11:18:33AM -0700, Jim Westveer wrote:
> 
> It seems that something is left out of the proposal to not 
> require an ID (or anything else) signed by the applicant.
> 
> As an example, I could acquire from db.d.o a public key for
> someone that is signed by a maintainer. (key BA0A7EB5 perhaps), 
> and attach it with an email of application.  The problem with 
> this is that it is just a public key, available to almost anyone, 
> and it does not demonstrate that I possess the private key of 
> that key pair.

A good point. 

> 
> However, by signing an ID, or the email, I have demonstrated
> that I do in fact possess that private key.

True. I'm not sure how the account creation process works but I
presume the account password is sent encrypted to the email address
listed in the public key.

If they don't have the private key they would have wasted the AM's
and the account manager's time. A prudent AM would probably ask
that their email be signed, or that they show something (e.g. a .deb)
signed. The ability to sign should be a skill we test for, perhaps.

> The above is perhaps a poor example as it uses an
> existing maintainer's key. But public keys are easily acquired,
> and one could just apply under someone else's key, perhaps
> even someone with the same name.  Or simply make a mistake, and
> apply with the wrong public key. Ultimately though, without
> the private key, the person cannot sign an upload.  They
> might be able to gain maintainer status, and do other stupid
> things....

Maybe. Without an account password can much be done? Anyway
by checking they have the ability to sign things we should be 
covered.

> I have no strong feelings about whether an ID should be required
> for those who already have a signature of a developer,
> just that the applicant should not only provide their public
> key, but also prove that they can sign something with their
> private key.

Agreed (we should check they can sign something).

Cheers,
Anand
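As an added illustration of the check the thread converges on (this is not code from the thread or from Debian's NM tooling): a minimal proof-of-possession round trip in Python. Toy textbook RSA with constructed Mersenne-prime parameters stands in for a real PGP key; the AM issues a fresh challenge, the applicant signs it, and only a signature made with the private half verifies, so a downloaded public key alone gets nobody in.

```python
import hashlib
import secrets

# Toy RSA parameters, constructed for illustration only: M31 and M61 are
# known Mersenne primes, far too small for real use but exact enough here.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: only the key holder has it

PUBLIC_KEY = (N, E)    # the part anyone can fetch from a keyserver
PRIVATE_KEY = (N, D)   # the part the real applicant must prove they hold


def _digest(message: bytes) -> int:
    """Hash the message and reduce it into the modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(private_key, message: bytes) -> int:
    """Applicant side: textbook RSA signature over the hashed message."""
    n, d = private_key
    return pow(_digest(message), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone holding only the public key can check a signature, not make one."""
    n, e = public_key
    return pow(signature, e, n) == _digest(message)


def issue_challenge() -> bytes:
    """AM side: a fresh random nonce, so a signature lifted from an old
    mail or an uploaded .deb cannot simply be replayed."""
    return secrets.token_hex(16).encode()


def admit_applicant(public_key, challenge: bytes, signature: int) -> bool:
    """AM side: accept only if this challenge was signed with the private
    half of exactly the key the applicant submitted."""
    return verify(public_key, challenge, signature)


if __name__ == "__main__":
    challenge = issue_challenge()
    print("genuine:", admit_applicant(PUBLIC_KEY, challenge, sign(PRIVATE_KEY, challenge)))
    # Someone with only the public key has nothing better than guessing.
    print("public key only:", admit_applicant(PUBLIC_KEY, challenge, _digest(challenge)))
```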
