[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: key signing transitivity

On Wed, Mar 12, 2003 at 09:10:36AM -0800, Matt Kraai wrote:
> Developer X has a key A which is in the keyring.  They have
> another key B, which is signed by A, but is not in the keyring.
> Applicant Y has a key M which is signed by B.
> Is that acceptable?

Depends on who owns key B, because we need to trust that /this person/
has checked Y's id properly before signing the key. Imho we can only
do that if the person owning key B is Developer X.

But if this is true applicant Y should simply write a mail to
Developer X, asking him to sign key M with his Debian key (A)[1]. He
can safely do this because he has already done the proper checks when
signing key M with key X.
              cu andreas

[1] "I'd like to become member of debian, ..."
"See, I told you they'd listen to Reason," [SPOILER] Svfurl fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"

Attachment: pgpvCgcgqawRB.pgp
Description: PGP signature

Reply to: