Steve Langasek wrote: > On Thu, May 16, 2002 at 03:01:38PM +0200, Vittorio Bertola wrote: > >>So, to apply this system to ICANN, we would have to build the At Large >>membership by cooptation, ie each new member would have to be >>introduced by another one. This could be somewhat interesting, but I >>guess it could be not open enough for our scale and purposes. > > > Debian has chosen this particular method because it's consistent with > our goals as a community: a PGP web of trust maps closely onto the > relationships that have to exist among us as developers of an operating > system. For ICANN, I'm pretty sure that this does not apply; so > requiring all PGP keys to be signed by someone already in ICANN is > probably not the way to go about it. You can choose a different method > that provides the right balance of security and convenience for your > organization. You might accept PGP keys with only email verification, > you might accept them printed out and sent by normal mail, you might > accept keys that have been signed into the global web of trust. Each > approach offers a different degree of authenticity, and carries with it > a different degree of overhead.
Debian can use PGP because the target are the developers. I think the target of ICANN is larger (and also less tecnical), thus using PGP is not an option. (People will not enter in @large or they will use PGP in a unsecure manner, giving trust problems to all PGP infrastructure. ciao giacomo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]