On Fri, Jan 12, 2001 at 05:31:22PM +0200, Antti-Juhani Kaijanaho wrote:
> On 20010112T231245+1000, Anthony Towns wrote:
> > > http://www.debian.org/devel/join/nm-step2
> > > If the applicant does NOT have any photo-ID such as a drivers
> > > license or Passport, then any photo of him would do. But in such a
> > > case, the trusted verification path (such as an employer, or faculty
> > > member) may be provided, and the final report may explain that.
> > Shouldn't that be done anyway? (It's not that hard to, say, steal
> > someone's wallet and scan their photo id, then sign it with a new GPG
> > key you just created...)
> How would it help with that scenario?
``Hi, I received an application by <foo> to become a Debian maintainer,
and I'm just trying to verify that s/he's a real person. I've been
told by email that you know <foo> from university, and that you'd be
willing to vouch for <foo>'s identity and that it's the real <foo>
who's applying to join Debian.''
``Sure, I spoke to <foo> the other day and s/he said something about this.
S/he's enrolled in one of my classes.''
as opposed to say,
``Well, sure, <foo>'s in one of my classes, but I've never heard anything
about this Debian thing. I'll check tomorrow. ... No, s/he says s/he's
got no idea what's going on.''
In theory, anyway.
In practice, it's probably just awkward, I guess.
Cheers,
aj
--
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.
``Thanks to all avid pokers out there''
-- linux.conf.au, 17-20 January 2001
Attachment:
pgpivQcpiJI6g.pgp
Description: PGP signature