Re: [nm-admin] Identification step in the current scheme (Re: Fear the new maintainer process)
On Tue, Aug 01, 2000 at 06:38:03PM +0100, Mark Brown wrote:
> On Wed, Aug 02, 2000 at 03:33:47AM +1000, Anand Kumria wrote:
>
> > Perhaps, once again, that is not the issue here. The issue is whether to
> > trust existing Debian developers to authenticate (sign) the key of
> > aspiring Debian developers.
>
> Trusting developers doesn't seem to be an issue at all. No effort being
> made to verify that the photo corresponds to the person, all that is
> being required is that the applicant can provide a photo (not photo ID
> unless I misremember what Dale said when I asked him).
*sigh*
Yes it is.
When developers sign each other's keys they typically see some form of
photographic identification and then exchange fingerprints. In my case
I accept passports and driver's licences.
I then come home, sign their key so long as I am satisfied they were
who they said they were. If the person whose key I just signed was
to apply to become a Debian developer, as it stands they need to:
- send their signed key
- send a photograph of themself signed by their key
Since their key is already signed by me and I have already authenticated
them *in person* what is the need for a photograph? None.
I don't know when you asked Dale but the procedures are quite clear that
"An image file of an appropriate piece of photo-identification" (from
<URL: http://www.debian.org/devel/join/nm-step2> is required.
Anand
Reply to: