On Wed, Jan 19, 2005 at 09:31:25AM -0500, Chris Gianelloni wrote:
Any dev that you cannot physically verify via government or school issued identification and their physical presence, should not be signed. Otherwise you are simply weakening the web of trust. In fact, for LWE key signing, we require 2 forms of picture identification.
Most people don't _have_ two forms of picture ID.
If you limit it to school and government, it can be hard unless you have a passport, but don't you have two of {drivers license, passport, school ID, work ID, credit card with photo}?
Some signings I have seen require 2 government issued id, but only require one to have a photo, if that makes people feel any better.
-- [email protected] mailing list
