On Fri, Jan 12, 2001 at 05:31:22PM +0200, Antti-Juhani Kaijanaho wrote: > On 20010112T231245+1000, Anthony Towns wrote: > > > http://www.debian.org/devel/join/nm-step2 > > > If the applicant does NOT have any photo-ID such as a drivers > > > license or Passport, then any photo of him would do. But in such a > > > case, the trusted verification path (such as an employer, or faculty > > > member) may be provided, and the final report may explain that. > > Shouldn't that be done anyway? (It's not that hard to, say, steal > > someone's wallet and scan their photo id, then sign it with a new GPG > > key you just created...) > How would it help with that scenario? ``Hi, I received an application by <foo> to become a Debian maintainer, and I'm just trying to verify that s/he's a real person. I've been told by email that you know <foo> from university, and that you'd be willing to vouch for <foo>'s identity and that it's the real <foo> who's applying to join Debian.'' ``Sure, I spoke to <foo> the other day and s/he said something about this. S/he's enrolled in one of my classes.'' as opposed to say, ``Well, sure, <foo>'s in one of my classes, but I've never heard anything about this Debian thing. I'll check tomorrow. ... No, s/he says s/he's got no idea what's going on.'' In theory, anyway. In practice, it's probably just awkward, I guess. Cheers, aj -- Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/> I don't speak for anyone save myself. GPG signed mail preferred. ``Thanks to all avid pokers out there'' -- linux.conf.au, 17-20 January 2001
Attachment:
pgpivQcpiJI6g.pgp
Description: PGP signature