+1 If it helps the cause I'll fly around the world on my own dime and web-up everyone in the sysadmin team who otherwise doesn't go to KDE meetups so you have at least one link that connects you to the rest of the world. I haven't had a proper vacation in years anyway ;)
On Tue, Jul 26, 2016 at 11:46 PM, Ingo Klöcker <[email protected]> wrote: > On Tuesday 26 July 2016 16:01:15 Luigi Toscano wrote: >> On Tuesday, 26 July 2016 19:25:25 CEST Boudhayan Gupta wrote: >> > 2) GPG doesn't simply encrypt the email, but also digitally signs >> > it. >> > Signatures are required to prove the authenticity of the email, and >> > to detect if it was tampered with. However, given our email >> > infrastructure, a GPG signature is meaningless. Anyone can create a >> > GPG key, encrypt the email and send it out. To trust the public key, >> > it would have to be either (a) distributed in a trustable way, which >> > brings us to the same sitation as the SSH host key, (b) signed by >> > another trusted entity (a person), after a face-to-face meeting, or >> > (c) signed by members of a web of trust (which recursively requires >> > one of (a) and (b)). Given we live in such physically diverse >> > location (in fact, Ben lives in New Zealand; meeting enough KDE >> > contributors face to face willing to sign his key is prohibitvely >> > time, effort and finance consuming). If you can't establish trust >> > of a GPG public key, the signature is meaningless. >> >> I strongly disagree with this. While it is complicated in Ben's case, >> we had GPG signing party at the past Akademy and we can rebuild the >> web of trust. Debian works like this. We can have one at the QtCon >> (with also people from other communities including FSFE). So >> *signing* the announcement emails should not be discouraged like it >> is in this email. > > I very much agree with Luigi. IMHO, OpenPGP signatures are the most > trustworthy kind of proof of authenticity (provided the key fingerprint > has been verified in a way that's as secure as a face-to-face meeting > and that the key's owner takes good care of her key). > > > I disagree that it's difficult for the admin team to verify and then > sign Ben key. For example, I think that this could be done via a voice > chat provided the admin team regularly does voice chats and therefore > recognizes Ben's voice. I don't care whether Ben's really called Ben and > lives in New Zealand. All that I care for is that the admin known to us > as Ben has sent the announcement with the new server fingerprint. And > this I could have asserted easily, if the admin team would have cross- > signed their OpenPGP keys and I would have verified the OpenPGP keys of > one, or better two, admin in a keysigning meeting, e.g. at Akademy. > > > I agree that encrypting the public information about the server > fingerprint would not have made any sense, but I guess that the people > who complained actually wanted the message to be signed rather than be > encrypted. OTOH, claiming that "GPG encryption is fundamentally broken" > is unacceptable. GPG encryption is anything but broken (if it's used in > the right way, i.e. to encrypt information exchanged between parties who > have verified their OpenPGP key). > > > Regards, > Ingo > > _______________________________________________ > kde-community mailing list > [email protected] > https://mail.kde.org/mailman/listinfo/kde-community _______________________________________________ kde-community mailing list [email protected] https://mail.kde.org/mailman/listinfo/kde-community
