On Wed, Aug 02, 2000 at 06:58:40PM +0000, Dale Scheetz wrote: > On Wed, 2 Aug 2000, Matthew Vernon wrote: > > Therefore, what does it matter that I can't remember the face of the > > person whose key I signed six months ago? I am still happy that I saw > > good ID, and that if I get mail signed/encrypted with that key that it > > comes from that person. > While your happiness _is_ important, just how does it help the > administrators of Debian? I haven't seen his face, nor has the DAM. You > are the lucky one who _has_ seen his face, but we know we can not ask you > at this point if the face matches the name. We agree that the activity > actually happened at the same time we agree that we can't re-create the > event accurately in memory. How does having a picture help the administrators? We don't do biometrics. What difference does it make if the face matches the name? If I get plastic surgery, is there some problem somewhere? Should I get one of those cute masks from MI:2 and wear it at conferences or something? Do we still do phonecalls for every new maintainer? ie, "What's your phone number?" "555-5555" "Okay." [dial] [ring, ring] "Hello" "Hi, I'm calling about your n-m application..." Can you give an example scenario where, given a phone call and given a key signed by one or two other developers (who've checked passports and such before so doing), a photo will still be necessary to avoid some problem? Cheers, aj -- Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/> I don't speak for anyone save myself. GPG signed mail preferred. ``We reject: kings, presidents, and voting. We believe in: rough consensus and working code.'' -- Dave Clark
Attachment:
pgp8MWgbkAK1R.pgp
Description: PGP signature