Quoting Adrian Bunk (2020-08-14 18:33:06) > On Thu, Aug 13, 2020 at 09:23:58PM +0100, Steve McIntyre wrote: > > On Thu, Aug 13, 2020 at 09:03:00PM +0200, Adam Borowski wrote: > > >On Thu, Aug 13, 2020 at 11:08:01PM +0530, Pirate Praveen wrote: > > >> I think the point about fake idenity documents is, it being a > > >> criminal activity and make one liable for prosecution. So it is > > >> not just about immediate cost of getting a fake id, but the is > > >> high risk if you are caught. Not all frauds get caught, but some > > >> do get caught and it probably serves as a deterrant or it > > >> sufficiently sets the bar very high (I think 3 letter agencies > > >> can still take the risk). > > > > > >I don't think someone could possibly be prosecuted for using a fake > > >passport to obtain a gpg signature. Especially with the link > > >between meeting a DD many months earlier and that criminal betrayal > > >being so tenuous. > > > > It's clearly fraudulent under at least UK law. I'm sure it would > > also be elsewhere. You might struggle to get police to pick up the > > *case*, but... > > This does not even matter when there are DDs who sign keys with fake > names that are not printed on any (real or fake) government > documents...
Seems we are talking about several things here: a) trusting an identity _without_ relying on governmental proof b) proving an identity using fake governmental proof It is my understanding that a) is illegal and punishable in many legal jurisdictions. It is my understanding that b) is currently tolerated in Debian but only exceptionally, and we are currently discussing if we should tolerate it more generally. I do believe that a) matters for Debian in discussing b), because the risk of punishment is an expense, and the more expensive it is to twist and bend rules the more likely those rules are followed and can therefore be trusted. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
