Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Wed, Jun 07, 2006 at 01:22:56AM +0100, Wookey wrote:
> I have no idea what it would take to persuade you that I am who I say I am, but if you _only_ accept National Passports then it would appear to be impossible in my case (which I realise is something of a corner-case). I would probably need to interact more with you than just be face to face in a KSP.

As I said in my posts to the thread, that is a generic rule I apply with people I don't know. If I get to know people, talk to them, interact on- and offline then the ID checks might be more permissive as I have other ways to confirm that they are the real person that has access to the private key I'm going to sign.

HTH,

Javier
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sun, May 28, 2006 at 08:57:55PM -0700, Thomas Bushnell BSG wrote:
> > If I were to crack a key signing party, using Bubba's travel documents, I too would swear up and down the street that he indeed correctly and diligently verified all kinds of _other_ government ID's when practising his art.
> 
> How is it cracking to use Bubba's documents? People who do not know and trust Bubba should not accept the ID, period.

Heh, I think you missed the subtext of Manoj's hypothetical, which is that Bubba sells fake IDs to underage students.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
[EMAIL PROTECTED]                                   http://www.debian.org/
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sat, 27 May 2006 16:21:22 -0700
Paul Johnson [EMAIL PROTECTED] wrote:

> On Saturday 27 May 2006 16:12, Ron Johnson wrote:
> > Paul Johnson wrote:
> > > On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
> > > > On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > > > > > Oregon abolished the voting booth in 2000
> > > > > > Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.
> > > > > No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.
> > > > That is secrecy only to the government; not in general. For instance, someone can easily pressure you into voting for party or candidate X, _since they can verify it_ (just watch as you put the ballot in the envelope, and make sure you post it). With a voting booth, nobody can effectively pressure you, as your vote is secret from everybody.
> > > Nobody can effectively pressure you, except everyone else in line, campaigners trolling the polling place, and the inability to get the day off to vote because polling places are only open 4-6 hours on election day. If you want to ignore that vote by mail is more secure than the voting booth, that's fine. Don't move to Oregon.
> > With vote-by-mail from the privacy (and seclusion) of your home, who's to stop a political operative or angry husband from saying "vote Democrat, or else!"?
> The fact you can go to the police, and you can vote wherever you please. If you're really that concerned about it, you can go down to county elections, say your ballot got lost in the mail or tell them that someone else coerced you (which voids the original ballot's mailing envelope, and if that mailing envelope gets cast, they void the ballot it contains) and they'll give you a fresh ballot and envelopes. You're welcome to vote at the elections office, but if you want privacy you're going to have to lock yourself in a restroom. Penalties for screwing with other people's votes here are severe.

That sounds like the same reason there's no more cases of battered and abused women. For some reason I'm not convinced.

Jacob
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Steve Langasek [EMAIL PROTECTED] writes:

> On Sun, May 28, 2006 at 08:57:55PM -0700, Thomas Bushnell BSG wrote:
> > > If I were to crack a key signing party, using Bubba's travel documents, I too would swear up and down the street that he indeed correctly and diligently verified all kinds of _other_ government ID's when practising his art.
> > 
> > How is it cracking to use Bubba's documents? People who do not know and trust Bubba should not accept the ID, period.
> 
> Heh, I think you missed the subtext of Manoj's hypothetical, which is that Bubba sells fake IDs to underage students.

So, if the ID says on it "Bubba's Fake ID Shop", I'm not sure I see the problem. In other words, Bubba sells forgeries, but the Transnational Republic does not.

Thomas
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sat, May 27, 2006 at 04:47:20PM -0500, martin f krafft wrote:
> The Debian project heavily relies on keysigning for much of its work. However, I think the question what the signing of a key actually accomplishes has not been properly addressed. In my opinion, from the point of view of the Debian project, a person's actual identity (as in the name on your birth certificate) matters very little; the Debian project does not actively interfere with a person's real life in such a way as to require the birth certificate identity (legal cases, liability issues, etc.).

I don't agree that the Debian project shouldn't care about being able to map the names of its contributors back to real-world entities. The work we do in Debian has real-world impact on lots of people, and if someone attacks the integrity of Debian from the inside they should expect real-world consequences for doing so. Having a contributor's real name is an aid to holding them accountable, even though it's neither globally unique nor permanent.

> Moreover, it's rather trivial in several countries of this world to change your official name. In this context, even the claim that in the case of a trust abuse, your reputation throughout the FLOSS community (and the rest of the Internet) should be properly tarnished, does not stand, IMHO.

In the jurisdictions I'm familiar with, unless you're in a witness protection program, changing one's official name is accompanied by open court records showing the old and new names and it is thus not a terribly effective means of avoiding pesky inconveniences like creditors and criminal charges. So legally changing your name isn't going to stop us from getting your ass thrown in jail for computer crimes; OTOH, if you were using a pseudonym in the first place and no one detected it, that may be more of an obstacle.

> I imagine an improved protocol for the keysigning, which is based on an idea I overheard after the party (and someone mentioned it in the thread): instead of the everyone-signs-everyone approach, it might be interesting to investigate forming groups (based on connectivity statistics) such that everyone's mean distance in the web of trust can be increased by a fair amount in a short amount of time. At the same time, such circles could be used for education by those with high connectivity (and thus much experience). The problem here is of course the somewhat unreliable attendance of people. Comments welcome.

I agree that this is the way to go. Who has time to work on implementing the necessary code?

> also sprach Enrico Zini [EMAIL PROTECTED] [2006.05.25.1218 -0500]:
> > However, from the book you don't get the address of madduck's home, which is what you want when you have to go and drag him to jail if he willingly uploads some malicious code.
> 
> Could you even drag me to jail for anything I do (or don't do) in Debian? Which jurisdiction would be used? Who'd be the prosecutor? What kind of legal claims would actually stand a chance?

There are federal computer crime laws in the US that would cover things like trojaning packages or rooting Debian servers. http://conventions.coe.int/Treaty/en/Treaties/Html/185.htm suggests that EU member states should have laws criminalizing such activities as well, though I don't know the implementation details of any. That would certainly cover the majority of DDs today, anyway. And for the rest, we always have the CIA to kidnap them for us so they can be tried in the US. :-P

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
[EMAIL PROTECTED]                                   http://www.debian.org/
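[Editor's note: the following is an added illustration of the "connectivity statistics" idea discussed in the message above. It is not code from the thread, from Debian, or from any keysigning tool. It models existing signatures as a directed graph (A -> B means A has signed B's key), measures the mean trust-path length over all ordered pairs, and greedily picks the new signatures that shorten it most. The six-person signature graph and the penalty charged for pairs with no path are constructed assumptions; a real run would build the graph from the signatures on a keyring.]

```python
"""Greedy choice of key-signing pairs that most reduce mean web-of-trust
distance.  Added illustration; the signature graph below is constructed."""
from collections import deque
from itertools import permutations

# Constructed sample: edge A -> B means "A has already signed B's key".
SIGNATURES = {
    "alice": {"bob", "carol"},
    "bob": {"alice"},
    "carol": {"alice", "dave"},
    "dave": {"carol"},
    "erin": {"frank"},
    "frank": {"erin"},
}
# Distance charged for an ordered pair with no trust path at all (assumption).
UNREACHABLE_PENALTY = 10


def shortest_distances(graph, start):
    """BFS along signature edges from start; returns {node: hops}."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, ()):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist


def mean_distance(graph):
    """Average hop count over all ordered pairs, penalising unreachable ones."""
    nodes = sorted(set(graph) | {n for targets in graph.values() for n in targets})
    total, pairs = 0, 0
    for src in nodes:
        dist = shortest_distances(graph, src)
        for dst in nodes:
            if src != dst:
                total += dist.get(dst, UNREACHABLE_PENALTY)
                pairs += 1
    return total / pairs if pairs else 0.0


def best_new_signatures(graph, k):
    """Greedily pick k (signer, signee) pairs, each the one that lowers the
    mean distance most given the pairs already chosen.  Ties go to the
    first pair in sorted order.  Returns the list of pairs in chosen order."""
    graph = {n: set(t) for n, t in graph.items()}
    chosen = []
    for _ in range(k):
        current = mean_distance(graph)
        best = None
        for signer, signee in permutations(sorted(graph), 2):
            if signee in graph[signer]:
                continue  # this signature already exists
            graph[signer].add(signee)
            gain = current - mean_distance(graph)
            graph[signer].remove(signee)
            if best is None or gain > best[0]:
                best = (gain, signer, signee)
        if best is None or best[0] <= 0:
            break  # nothing left that helps
        _, signer, signee = best
        graph[signer].add(signee)
        chosen.append((signer, signee))
    return chosen


if __name__ == "__main__":
    print("mean distance now: %.2f" % mean_distance(SIGNATURES))
    for signer, signee in best_new_signatures(SIGNATURES, 3):
        print("%s should sign %s" % (signer, signee))
```

On the sample graph the two four-person and two-person cliques are disconnected, so the first two picks are the pair of signatures that bridge them in both directions; only after that does the greedy step start shortening paths inside a clique. Grouping people for a party would then be a matter of clustering the chosen pairs.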
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Quoting Andreas Barth ([EMAIL PROTECTED]):
> I know that Peter Palfrader (weasel) submits sometimes a clear fake key to KSPs and looks for people signing it. (No, there is nobody there who claims to be that person. Only the key on the list.)

For future reference, I personally dislike people trying to trick other people. If the above is meant to later mail the people inadvertently signing the fake key, I'm OK with it. If this is intended to make a self-statement like "this person is not trustworthy because she signed a key that wasn't in the keysigning party", then I think this crosses my own personal line.
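[Editor's note: the decoy-key experiment quoted above is caught by a mechanical check that many KSP participants skip: before signing, compare every key in the local keyring against the printed party list as you annotated it, and sign only the fingerprints you personally ticked off after checking the owner's copy of the fingerprint and their ID. The following is an added illustration, not code from the thread or from any existing tool; the `gpg --with-colons --fingerprint` output and the annotated party list are constructed sample data, with one listed key that nobody claimed (the decoy) and one key that is in the keyring but was never on the list.]

```python
"""Refuse to sign any key that was not verified in person at the party.
Added illustration; all input below is constructed sample data."""

# Constructed stand-in for `gpg --with-colons --fingerprint` output:
# pub = key, fpr = its fingerprint (field 10), uid = a user id (field 10).
GPG_COLONS = """\
pub:-:1024:17:89ABCDEF01234567:2004-01-01::-:::scESC::::::
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::2004-01-01::HASH1::Alice Example <alice@example.org>::::::::::
pub:-:1024:17:76543210FEDCBA98:2005-06-01::-:::scESC::::::
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
uid:-::::2005-06-01::HASH2::Bob Example <bob@example.org>::::::::::
uid:-::::2005-06-01::HASH3::Bob Example (work) <bob@work.example>::::::::::
pub:-:1024:17:DEADBEEFDEADBEEF:2006-05-01::-:::scESC::::::
fpr:::::::::DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF:
uid:-::::2006-05-01::HASH4::Nobody Here <nobody@example.org>::::::::::
pub:-:1024:17:C0FFEE00C0FFEE00:2006-05-02::-:::scESC::::::
fpr:::::::::C0FFEE00C0FFEE00C0FFEE00C0FFEE00C0FFEE00:
uid:-::::2006-05-02::HASH5::Mallory Example <mallory@example.org>::::::::::
"""

# Constructed record of your annotated party list: fingerprint -> (uid as
# printed, verified).  "verified" means you personally compared the printed
# fingerprint with the owner's copy AND checked the owner's ID.  The third
# entry is a decoy: it was on the sheet, but nobody claimed it.
PARTY_LIST = {
    "0123456789ABCDEF0123456789ABCDEF01234567": ("Alice Example <alice@example.org>", True),
    "FEDCBA9876543210FEDCBA9876543210FEDCBA98": ("Bob Example <bob@example.org>", True),
    "DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF": ("Nobody Here <nobody@example.org>", False),
}


def parse_colons(text):
    """Return {fingerprint: [uids]} from gpg --with-colons --fingerprint output."""
    keys, fpr = {}, None
    for line in text.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            fpr = None            # new key; its fpr record follows
        elif fields[0] == "fpr" and fpr is None:
            fpr = fields[9]       # primary key fingerprint (subkey fprs are skipped)
            keys[fpr] = []
        elif fields[0] == "uid" and fpr is not None:
            keys[fpr].append(fields[9])
    return keys


def keys_to_sign(keyring, party_list):
    """Split the keyring into (fingerprints to sign, {fingerprint: reason
    refused}).  Only a key that is on the list, was verified in person and
    carries the exact uid that was printed gets through."""
    sign, refuse = [], {}
    for fpr, uids in keyring.items():
        if fpr not in party_list:
            refuse[fpr] = "not on the party list"
            continue
        listed_uid, verified = party_list[fpr]
        if not verified:
            refuse[fpr] = "nobody presented this fingerprint and an ID in person"
        elif listed_uid not in uids:
            refuse[fpr] = "printed uid not found on the key"
        else:
            sign.append(fpr)
    return sign, refuse


if __name__ == "__main__":
    to_sign, refused = keys_to_sign(parse_colons(GPG_COLONS), PARTY_LIST)
    for fpr in to_sign:
        print("sign   %s" % fpr)
    for fpr, why in refused.items():
        print("refuse %s: %s" % (fpr, why))
```

The point of keying everything on the full fingerprint rather than the short key ID or the name is that a decoy key can carry any name it likes; the only thing that ties a key to the person you met is the fingerprint they read out or handed you.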
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Hi,

> First of all, my name is Martin Felix Krafft (with a final 't'), and my GPG key ID is 0x330c4a75. The unofficial ID I presented listed that name (without the middle name), a photo is available from [1] (sorry, can't do better now). Thus, the ID card is an unofficial card, but the identity it claims is my real identity, not a fake one. To me, this is an important distinction in the context of this discussion.

This has opened a can of worms; because your transnational ID was as official as it could get. Most of us do not know what other countries consider to be official, and it's more of an intent and goodwill rather than scientific or legally binding officialness that we are signing and interchanging keys based on ID cards.

regards,
	junichi

-- 
[EMAIL PROTECTED],netfort.gr.jp}
Debian Project
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Junichi Uekawa [EMAIL PROTECTED] wrote:
> This has opened a can of worms; because your transnational ID was as official as it could get. Most of us do not know what other countries consider to be official, and it's more of an intent and goodwill rather than scientific or legally binding officialness that we are signing and interchanging keys based on ID cards.

If there's anyone who should be revoking signatures, it's the people who are signing keys without being fairly certain that they belong to the correct person. This really shouldn't be controversial.

-- 
Matthew Garrett | [EMAIL PROTECTED]
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Junichi Uekawa [EMAIL PROTECTED] writes:

> This has opened a can of worms; because your transnational ID was as official as it could get. Most of us do not know what other countries consider to be official, and it's more of an intent and goodwill rather than scientific or legally binding officialness that we are signing and interchanging keys based on ID cards.

Wow, you thought there was a country called the Transnational Republic? Or you thought that Germany prints ID cards with "Transnational Republic" on them? Or what, exactly?
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Fri, 26 May 2006 16:24:27 -0700
Paul Johnson [EMAIL PROTECTED] wrote:

> On Friday 26 May 2006 15:20, Ron Johnson wrote:
> > Javier Fernández-Sanguino Peña wrote:
> > > On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:
> > > > On Thursday 25 May 2006 15:26, Mike Hommey wrote:
> > > > [snip]
> > > [0] As long as he doesn't go and vote too, since the people in the voting table would notice that he has voted twice and probably would have to reject the whole voting box of that table (as they would be unable to find and remove the previous voters' vote).
> > Well that's an interesting way to cook an election...
> Method not viable in all jurisdictions. If you've ever wondered why Oregon takes almost as long as Florida to certify national election results, it's not because we can't count or we've had a blatant attempt at voter's fraud, it's because elections is busy checking signatures on ballot envelopes. Oregon abolished the voting booth in 2000: Election Day is actually the last election day of six consecutive weeks we can vote (beat that and your wussy six hours, America!), and we vote at home. You have your option of mailing or handing in your ballot to county elections. Oregon residents that will be outside the state of Oregon on the last day of the election are the only people eligible to register absentee because of this (this is a good thing, since it improves voter turnout and more votes count initially, whereas absentee ballots in all 50 states never get opened unless there's a tie).

Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.

Jacob
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Javier Fernández-Sanguino Peña wrote:
> On Thu, May 25, 2006 at 05:30:23PM +0200, Luca Capello wrote:
> > FYI, Martin's explanation is at [1], which passed on Planet Debian.
> > 
> > Thx, bye,
> > Gismo / Luca
> > 
> > [1] http://blog.madduck.net/geek/2006.05.24-tr-id-at-keysigning
> 
> FWIW, I noted down those keys I would *not* sign and didn't tell the people at the KSP that I would not sign them. I guess his experiment ("only one in ten said that they would *not* sign it") is moot unless he backs it up with the signatures he eventually got sent from those he showed a wrong ID to.

Yes, that is true. I did the same for some people showing really weird ID like their university cafeteria card.

> That being said I (personally) already decided not to sign people that showed me something that was *not* a passport and noted that in my KSP paper page through it. Unfortunately, I'm not confident in my ability to distinguish forgeries so that means that people:
> 
> - showing their country's ID card

That's idiocy. The German identity card is an officially issued authentication device and substitutes a passport. (Which is true for the whole European Union, so you should know). In fact the identity card (despite the name written on it and the pages holding visa stamps) is almost identical to the passport. (With the exception of very new passports containing additional biometric features.)

> and not showing any passports or showing passports:
> 
> - which did not have the *same* spelling as the name in the key (letter by letter)

The German passport/ID card has official ASCII transliterations of umlaut names, so if you have discarded signatures on that assumption you didn't read exactly enough.

Cheers,
Moritz
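[Editor's note: the letter-by-letter comparison argued about above can be made mechanical, which also removes the transliteration problem Moritz points out. The following is an added illustration, not code from the thread or from any keysigning tool. It strips the email address and comment from an OpenPGP user ID, transliterates each word the way the machine-readable zone of a German passport or ID card does, and compares against the document's MRZ name field (SURNAME<<GIVEN<NAMES). The transliteration rule (ä/ö/ü/ß become AE/OE/UE/SS, other diacritics are dropped, per ICAO 9303) is stated as an assumption, and all names below are constructed; the only real one is the thread's own "Krafft", included to show that the subject line's "Kraff" would fail the check.]

```python
"""Compare the name in an OpenPGP user id with the machine-readable name on
a German passport or ID card.  Added illustration; assumptions are marked."""
import re
import unicodedata

# Assumption: the machine-readable zone of German documents writes umlauts
# and sharp s as AE/OE/UE/SS (ICAO 9303 transliteration); other accented
# letters simply lose their diacritic.
GERMAN_MRZ = {"ä": "AE", "ö": "OE", "ü": "UE", "ß": "SS"}


def to_mrz_letters(word):
    """Map one name word to the A-Z letters the document's MRZ would carry."""
    out = []
    for ch in word:
        special = GERMAN_MRZ.get(ch.lower())
        if special:
            out.append(special)
            continue
        decomposed = unicodedata.normalize("NFKD", ch.upper())
        out.append("".join(c for c in decomposed if c.isascii() and c.isalpha()))
    return "".join(out)


def mrz_name_parts(mrz_field):
    """'MUELLER<<JOERG<PETER' -> (['MUELLER'], ['JOERG', 'PETER'])."""
    surname, _, given = mrz_field.strip("<").partition("<<")
    return ([p for p in surname.split("<") if p], [p for p in given.split("<") if p])


def uid_name(uid):
    """Strip the <email> and any (comment) from an OpenPGP user id."""
    name = re.sub(r"\s*<[^>]*>\s*$", "", uid)
    name = re.sub(r"\s*\([^)]*\)", "", name)
    return name.strip()


def names_match(uid, mrz_field):
    """True when every word of the uid's name is on the document, letter for
    letter after transliteration.  A middle name the uid omits is tolerated
    (uids usually carry fewer names than a passport); a word on the uid that
    the document lacks, or any spelling difference, is not."""
    surname_parts, given_parts = mrz_name_parts(mrz_field)
    document_words = set(surname_parts + given_parts)
    uid_words = {to_mrz_letters(w) for w in uid_name(uid).replace("-", " ").split()}
    return bool(uid_words) and uid_words <= document_words


if __name__ == "__main__":
    for uid, mrz in [("Jörg Müller <joerg@example.org>", "MUELLER<<JOERG<PETER"),
                     ("Martin Krafft <m@example.org>", "KRAFFT<<MARTIN<FELIX"),
                     ("Martin Kraff <m@example.org>", "KRAFFT<<MARTIN<FELIX")]:
        print("%-35s %-25s %s" % (uid, mrz, "match" if names_match(uid, mrz) else "MISMATCH"))
```

A uid written with umlauts and one written with the AE/OE/UE spelling both pass against the same document, which is the case Moritz describes; a uid that adds a word the document does not carry, or misspells one, fails.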
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Fri, May 26, 2006 at 03:09:04PM +0200, Filippo Giunchedi wrote:
> On Thu, May 25, 2006 at 08:00:23PM +0200, Javier Fernández-Sanguino Peña wrote:
> > FWIW, I noted down those keys I would *not* sign and didn't tell the people at the KSP that I would not sign them. I guess his experiment ("only one in ten said that they would *not* sign it") is moot unless he backs it up with the signatures he eventually got sent from those he showed a wrong ID to.
> 
> Don't you think this is at least not fair to people attending the KSP? Not even explaining to them why they won't receive your signature (which is the whole point of a KSP). Something like "I'm sorry but this is unacceptable to me (because of this and that)" would be okay to educate people showing correct IDs.

That's a good point and I will try to send those people an e-mail explaining why I didn't sign them. I, at least, don't only make the decision on signing or not in the KSP but also based on the experience throughout the Debconf (I might have different protocols for those that I have actually *met* in order to sign their keys). That's why I would not tell those at the KSP, but I might do it afterwards.

Regards

Javier
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Fri, May 26, 2006 at 05:20:59PM -0500, Ron Johnson wrote:
> Javier Fernández-Sanguino Peña wrote:
> > On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:
> > > On Thursday 25 May 2006 15:26, Mike Hommey wrote:
> > > [snip]
> > [0] As long as he doesn't go and vote too, since the people in the voting table would notice that he has voted twice and probably would have to reject the whole voting box of that table (as they would be unable to find and remove the previous voters' vote).
> 
> Well that's an interesting way to cook an election...

Yes, I guess that political parties (at least in Spain) are quite aware what the turnout of booths are, since voting for a given party is really cross-related to where you actually live [1]. It would be quite easy for a rogue party to force rejections of the booths that *competing* parties would win more with.

But this is actually quite OT, isn't it?

Regards

Javier

[1] And your assigned booth for voting is based on which street you live in. You cannot select to vote in any booth. That's so that the people managing voters can have limited census lists (voters in that booth) and it is easier to prevent duplicate voting, I guess.
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sat, May 27, 2006 at 04:04:33PM +0200, Moritz Muehlenhoff wrote:
> > That being said I (personally) already decided not to sign people that showed me something that was *not* a passport and noted that in my KSP paper page through it. Unfortunately, I'm not confident in my ability to distinguish forgeries so that means that people:
> > 
> > - showing their country's ID card
> 
> That's idiocy. The German identity card is an officially issued authentication device and substitutes a passport. (Which is true for the whole European Union, so you should know). In fact the identity card (despite the name written on it and the pages holding visa stamps) is almost identical to the passport. (With the exception of very new passports containing additional biometric features.)

That is not idiocy. The Spanish identity card is also officially issued [0]. Heck, the new ones now even come with a crypto-chip. That doesn't mean I can expect other people to tell apart a proper Spanish identity card from a fake one [1], and that's why I take my passport to KSPs and don't use my Spanish ID.

I guess I think (but might be wrong) that people might be able to trust a passport which is (somewhat) similar to *their* passport (although this is not true for all countries) more than an identity card of a country they are unfamiliar with [2]. If the attendees of the KSP were only Spanish (or German) citizens I guess that the identity card would be OK for that KSP, as most people should know what it is expected to *look* like. For international KSPs, however, I'd rather present (and be shown) a passport.

Regards

Javier

[0] You have to pay for it, BTW, just like for the passport, but I guess that does not fit Manoj's definition :-)

[1] Especially since ID cards in my country have mutated throughout time and older ID cards are easier to forge than newer cards, but there might be very old ID cards that do not have an expiration date on them and are (to all effects) still valid in Spain.

[2] Heck, even the notion of a national ID card is foreign to some countries which do not have any of that kind. How can I expect a UK or US citizen to verify and approve of the ID card of a foreign country? (if they are not familiar with those ID cards, that is)
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Fri, May 26, 2006 at 04:54:19PM +0200, Javier Fernández-Sanguino Peña wrote:
> On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:
> > On Thursday 25 May 2006 15:26, Mike Hommey wrote:
> > > I'm pretty sure we can find official IDs that look so lame that you'd think it's a fake
> 
> Also worth noting that Spanish driving license IDs are in that group. I have always wondered why they are useful in Spain for ID purposes (even for voting in general elections) since it's a boy's game to unstaple somebody's picture from his driving license and go vote with his ID and your picture in it [0]. Go figure.
> 
> [0] As long as he doesn't go and vote too, since the people in the voting table would notice that he has voted twice and probably would have to reject the whole voting box of that table (as they would be unable to find and remove the previous voters' vote).

Nah, they would just keep the real guy from voting.

-- 
Lionel
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Saturday 27 May 2006 06:17, Jacob S wrote:
> > Oregon abolished the voting booth in 2000: Election Day is actually the last election day of six consecutive weeks we can vote (beat that and your wussy six hours, America!), and we vote at home. You have your option of mailing or handing in your ballot to county elections. Oregon residents that will be outside the state of Oregon on the last day of the election are the only people eligible to register absentee because of this (this is a good thing, since it improves voter turnout and more votes count initially, whereas absentee ballots in all 50 states never get opened unless there's a tie).
> 
> Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.

No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.

And if you still don't like it, you don't have to live here, everybody else already beat you to the punch. Oregon's full.

-- 
Paul Johnson
Email and IM (XMPP Google Talk): [EMAIL PROTECTED]
Jabber: Because it's time to move forward  http://ursine.ca/Ursine:Jabber
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > Oregon abolished the voting booth in 2000
> > Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.
> No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.

That is secrecy only to the government; not in general. For instance, someone can easily pressure you into voting for party or candidate X, _since they can verify it_ (just watch as you put the ballot in the envelope, and make sure you post it). With a voting booth, nobody can effectively pressure you, as your vote is secret from everybody.

Anyhow, this is rapidly very very offtopic.

/* Steinar */
-- 
Homepage: http://www.sesse.net/
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
> On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > > Oregon abolished the voting booth in 2000
> > > Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.
> > No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.
> 
> That is secrecy only to the government; not in general. For instance, someone can easily pressure you into voting for party or candidate X, _since they can verify it_ (just watch as you put the ballot in the envelope, and make sure you post it). With a voting booth, nobody can effectively pressure you, as your vote is secret from everybody.

Nobody can effectively pressure you, except everyone else in line, campaigners trolling the polling place, and the inability to get the day off to vote because polling places are only open 4-6 hours on election day. If you want to ignore that vote by mail is more secure than the voting booth, that's fine. Don't move to Oregon.

-- 
Paul Johnson
Email and IM (XMPP Google Talk): [EMAIL PROTECTED]
Jabber: Because it's time to move forward  http://ursine.ca/Ursine:Jabber
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Paul Johnson wrote:
> On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
> > On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > > > Oregon abolished the voting booth in 2000
> > > > Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.
> > > No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.
> > That is secrecy only to the government; not in general. For instance, someone can easily pressure you into voting for party or candidate X, _since they can verify it_ (just watch as you put the ballot in the envelope, and make sure you post it). With a voting booth, nobody can effectively pressure you, as your vote is secret from everybody.
> Nobody can effectively pressure you, except everyone else in line, campaigners trolling the polling place, and the inability to get the day off to vote because polling places are only open 4-6 hours on election day. If you want to ignore that vote by mail is more secure than the voting booth, that's fine. Don't move to Oregon.

With vote-by-mail from the privacy (and seclusion) of your home, who's to stop a political operative or angry husband from saying "vote Democrat, or else!"?

"Campaigners trolling the polling place" is supposed to be illegal (well, it's illegal in Louisiana), and if a campaigner *does* troll a polling place, the election observer from the opposite party will report it, and she/he will have many witnesses.

There are no neutral observers in your house. The husband can watch who she votes for and beat her, or she can withhold sex if he doesn't vote for whom she wants.

Since the rest of the country votes in private, my wife could be voting Marxist for all I know.
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sat, May 27, 2006 at 03:41:58PM -0700, Paul Johnson wrote:
> On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
> > On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > > > Oregon abolished the voting booth in 2000
> > > > Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.
> > > No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.
> > 
> > That is secrecy only to the government; not in general. For instance, someone can easily pressure you into voting for party or candidate X, _since they can verify it_ (just watch as you put the ballot in the envelope, and make sure you post it). With a voting booth, nobody can effectively pressure you, as your vote is secret from everybody.
> 
> Nobody can effectively pressure you, except everyone else in line, campaigners trolling the polling place, and the inability to get the day off to vote because polling places are only open 4-6 hours on election day.

None of these people are in the voting booth with you and they are therefore not in a position to verify the vote you cast and punish you for it.

> If you want to ignore that vote by mail is more secure than the voting booth, that's fine. Don't move to Oregon.

If you want to make facile arguments, that's fine. But don't do it on debian-devel.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
[EMAIL PROTECTED]                                   http://www.debian.org/
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Saturday 27 May 2006 16:12, Ron Johnson wrote:
> Paul Johnson wrote:
> > On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
> > > On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > > > > Oregon abolished the voting booth in 2000
> > > > > Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.
> > > > No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.
> > > That is secrecy only to the government; not in general. For instance, someone can easily pressure you into voting for party or candidate X, _since they can verify it_ (just watch as you put the ballot in the envelope, and make sure you post it). With a voting booth, nobody can effectively pressure you, as your vote is secret from everybody.
> > Nobody can effectively pressure you, except everyone else in line, campaigners trolling the polling place, and the inability to get the day off to vote because polling places are only open 4-6 hours on election day. If you want to ignore that vote by mail is more secure than the voting booth, that's fine. Don't move to Oregon.
> 
> With vote-by-mail from the privacy (and seclusion) of your home, who's to stop a political operative or angry husband from saying "vote Democrat, or else!"?

The fact you can go to the police, and you can vote wherever you please. If you're really that concerned about it, you can go down to county elections, say your ballot got lost in the mail or tell them that someone else coerced you (which voids the original ballot's mailing envelope, and if that mailing envelope gets cast, they void the ballot it contains) and they'll give you a fresh ballot and envelopes. You're welcome to vote at the elections office, but if you want privacy you're going to have to lock yourself in a restroom. Penalties for screwing with other people's votes here are severe.

-- 
Paul Johnson
Email and IM (XMPP Google Talk): [EMAIL PROTECTED]
Jabber: Because it's time to move forward  http://ursine.ca/Ursine:Jabber
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Paul Johnson wrote:
> On Saturday 27 May 2006 16:12, Ron Johnson wrote:
> > Paul Johnson wrote:
> > > On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
> > > > On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > > > Oregon abolished the voting booth in 2000
> > > > Oh, so they get better counts and less fraud by doing away with ballot secrecy. How wonderful.
> > > No, that's not how it works, your ballot is still secret. Think about it for a minute. You sign the mailing envelope, your ballot goes in a secrecy envelope. Elections compares signatures, opens the mailing envelope and saves it for the voter rolls, sends the secrecy envelope down the line off to the counting machines to be opened separately in some other room.
> > > > That is secrecy only to the government; not in general. For instance, someone can easily pressure you into voting for party or candidate X, _since they can verify it_ (just watch as you put the ballot in the envelope, and make sure you post it). With a voting booth, nobody can effectively pressure you, as your vote is secret from everybody.
> > > Nobody can effectively pressure you, except everyone else in line, campaigners trolling the polling place, and the inability to get the day off to vote because polling places are only open 4-6 hours on election day. If you want to ignore that vote by mail is more secure than the voting booth, that's fine. Don't move to Oregon.
> > With vote-by-mail from the privacy (and seclusion) of your home, who's to stop a political operative or angry husband from saying "vote Democrat, or else!"?
> The fact you can go to the police, and you can vote wherever you please. If you're really that concerned about it, you can go down to county elections, say your ballot got lost in the mail or tell them that someone else coerced you (which voids the original ballot's mailing envelope, and if that mailing envelope gets cast, they void the ballot it contains) and they'll give you a fresh ballot and envelopes. You're welcome to vote at the elections office, but if you want privacy you're going to have to lock yourself in a restroom. Penalties for screwing with other people's votes here are severe.

That's after-the-fact. Eliminate the possibility by voting in a private booth.
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Steve Langasek wrote:
> On Sat, May 27, 2006 at 03:41:58PM -0700, Paul Johnson wrote:
> > On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
> > > On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
> > > > Oregon abolished the voting booth in 2000
> [snip]
> > If you want to ignore that vote by mail is more secure than the voting booth, that's fine. Don't move to Oregon.
> If you want to make facile arguments, that's fine. But don't do it on debian-devel.

Stop agreeing with me, Steve, the earth might shift out of orbit! :)
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 25 May 2006, Stephen Frost verbalised:
> * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
> > Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others.
> pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever).

If you think an ID from a place that issues you any ID when you pay for it is valid, I probably will not trust a key signed by you, and I would also suggest other people do not.

manoj
--
Those who bring sunshine to the lives of others cannot keep it from themselves. Sir James Barrie
Manoj Srivastava [EMAIL PROTECTED] http://www.datasync.com/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:
> On 25 May 2006, Stephen Frost spake thusly:
> > I wasn't making any claim as to the general validity of IDs which are purchased and I'm rather annoyed that you attempted to extrapolate it out to such. What I said is that he wasn't trying to fake who he was, as the information (according to his blog anyway, which he might be lying on but I tend to doubt it) on the ID was, in fact, accurate.
> He has already bragged about how he cracked the KSP by presenting an unofficial ID which he bought -- an action designed to show the weakness of signing parties. So, this was a bad faith act, since the action was not to show a valid, official ID to extend the web of trust, but to see how many people could be duped into signing his key.

Pffft. Again, I call foul. That was as much 'bragging' as any scientist reporting on a study. It *wasn't* done in bad faith, as the information on the ID (now independently confirmed even) *was* accurate.

> Given that he acknowledges trying to dupe people, why do you think he is not lying about the contents of the ID?

He didn't try to dupe people and this claim is getting rather old. Duping people would have actually been putting false information on the ID and generating a fake key and trying to get someone to sign off on the fake key based on completely false information. The contents of the ID were accurate, as was his key, there was no duping or lying. Whining that he showed a non-government ID at a KSP and saying that's duping someone is more than a bit of a stretch, after all, I've got IDs issued by my company, my university, my state, my federal gov't, etc. Would I be 'duping' people if I showed them my company ID? What about my university ID? Would it have garnered this reaction? I doubt it.

> > If you're upset about this because you had planned to sign it and now feel 'duped' then I suggest you get past that emotional hurdle and come back to reality.
> Rubbish. The reality I am concerned about is someone cracking the KSP and duping people into signing his key when they had been fooled into thinking they were looking at an unfamiliar official ID.

The reality is that you're turning this into something much, much larger than it actually is. If you're actually concerned about someone cracking the KSP then what you *should* be doing is attempting to educate people on the dangers of KSPs in general, not going after someone who happened to point out that not everyone checks IDs very carefully (an unsurprising reality but one which now has a good measure of proof behind it to base change upon). 'Cracking' the KSP, such as one could, would be coming up with a fake identity entirely and trying to get people to sign off on it. Even that isn't actually all that *dangerous* until someone grants some privilege based on that signature. That *isn't* what happened here, and, indeed, being rather well known (it seems) there would have made it more difficult for him to pull off than, say, someone off the street. No one 'crack'ed anything here (that we know of anyway) and while not signing his key because of this is reasonable, or even revoking a signature which had been based on this ID, the constant inflammatory claims of Martin being a 'cracker' and how this could lead to other 'cracks' is extreme, insulting, and childish.

> And I think your attitude is naive, optimistic, and dangerous. This was a subversion of the KSP. Admittedly, KSP's are fragile, and people get tired, and glassy eyed from looking at too many unfamiliar official looking documents. It takes little social engineering to fool people into signing based on fake documents.

Again, there was no subversion, the information on his ID was accurate. I'm tired of you blowing things way out of proportion, this being just the last in a trend you seem to have towards sensationalizing things. :/

> Admittedly, in the world of cracking this is the equivalent of running off with the handbag of an old lady on crutches, which is why one speculates about where the next crack is headed for.

I disagree with the analogy entirely, but even more so doubt that anyone but you is speculating about where the next crack is headed for. How you made the leap from presenting a non-gov't ID at a KSP to dangerous cracker is far beyond me.

Thanks,
Stephen
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
My memory is horrible, but IIRC James Troup (ie, our keymaster..) did some similar study at the DebConf5 KSP and ended up with a list of people whose GPG signatures he didn't trust anymore because of whatever trick they fell for. This thread seems entirely blown out of proportion.

--
see shy jo
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 04:08:31PM -0400, Stephen Frost wrote:
> He didn't try to dupe people and this claim is getting rather old. Duping people would have actually been putting false information on the ID and generating a fake key and trying to get someone to sign off on the fake key based on completely false information. The contents of the ID were accurate, as was his key, there was no duping or lying. Whining that he showed a non-government ID at a KSP and saying that's duping someone is more than a bit of a stretch, after all, I've got IDs issued by my company, my university, my state, my federal gov't, etc. Would I be 'duping' people if I showed them my company ID? What about my university ID? Would it have garnered this reaction? I doubt it.

Indeed, duping people would have been if he had passed himself off as AJ, and managed to get people to sign a bogus key as belonging to the DPL. That would have been a demonstration that would have been really obnoxious, and would justify your reaction.

In this particular case, he did not assert incorrect information, but rather (to use an X.509 analogy) used a Certificate signed by an untrusted Certification Authority. The fact that some people were willing to trust is about as surprising as the fact that many people click OK when they see a certificate signed by a CA not in the browser's trusted list. But he didn't perpetrate fraud in any way. So this is not a surprise, and it's not what I would call an earth-shaking result.

But nevertheless, Manoj, I think you are over-reacting. Chill. Relax. Have an alcoholic or non-alcoholic beverage of your choice. :-)

- Ted
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 25 May 2006, Andreas Tille spake thusly:
> On Thu, 25 May 2006, Manoj Srivastava wrote:
> > It has come to my attention that Martin Kraff used an unofficial, and easily forge-able, identity device at a large key
> Is there any reason to revoke my signature I have put on Martin's key after he showed me his passport?

In my opinion, yes, if you consider subverting the KSP like that unacceptable behaviour.

> IMHO this mail is a little bit overdone and brings a DD in a bad light. Perhaps an information to the participants of the KSP in question would have done the job and it should be easy enough to find out the address list of the participants.

I find the action unconscionable, so I am not sure I agree that I am the one putting the DD in a bad light. His actions are what have led to this position under the spotlights.

manoj
--
Human beings were created by water to transport it uphill.
Manoj Srivastava [EMAIL PROTECTED] http://www.datasync.com/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 02:12:25PM -0500, Manoj Srivastava wrote:
> On 25 May 2006, Stephen Frost spake thusly:
> > > > pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever).
> > > If you think an ID from a place that issues you any ID when you pay for it is valid, I probably will not trust a key signed by you, and I would also suggest other people do not.
> > I wasn't making any claim as to the general validity of IDs which are purchased and I'm rather annoyed that you attempted to extrapolate it out to such. What I said is that he wasn't trying to fake who he was, as the information (according to his blog anyway, which he might be lying on but I tend to doubt it) on the ID was, in fact, accurate.
> He has already bragged about how he cracked the KSP by presenting an unofficial ID which he bought -- an action designed to show the weakness of signing parties. So, this was a bad faith act, since the action was not to show a valid, official ID to extend the web of trust, but to see how many people could be duped into signing his key.

> Given that he acknowledges trying to dupe people, why do you think he is not lying about the contents of the ID?

He is acknowledging testing people in real-world conditions to determine whether they have acceptably strict standards for ID checking. Accusing him of duping people, of being a braggart for publishing the results of this experiment, and of acting in bad faith discourages people from testing the quality of conventional keysigning practices in the future. Shouldn't we as a community *want* to know about problems with the strength of people's ID checking, *before* someone smuggles a fraudulent identity into our ranks? Where is the indignant outrage towards those 9 out of 10 keysigners who apparently had no objection to signing a key based on a trumped-up ID card with no legal validity? If you really care about the strength of our web of trust, *they* are who should be named and shamed here.

Of *course* this was done under the laxest possible keysigning circumstances. Pre-announcing that someone at the keysigning party will be showing non-government ID is like warning students of locker inspections a week in advance -- you might get a warm fuzzy that all the school's library books are turned in, but you're not going to catch any drug dealers that way...

> > If you're upset about this because you had planned to sign it and now feel 'duped' then I suggest you get past that emotional hurdle and come back to reality.
> Rubbish. The reality I am concerned about is someone cracking the KSP and duping people into signing his key when they had been fooled into thinking they were looking at an unfamiliar official ID.

The whole reason we have an ID check in the first place as part of the standard keysigning practice is that we do *not* trust people to be who they say they are: if I'm doing what I'm supposed to as a key signer, then I'm not vulnerable to attacks based on trivially-falsified IDs. If I'm not doing what I'm supposed to, the only person I have reason to be mad at is myself. If I (or anyone else) can't be trusted to directly and personally verify the ID of the person whose key I'm (they're) signing, then my (their) keys add no value at all to the web of trust. It is better to have no signatures than to have weak signatures pretending to be worth something.

I applaud your personal decision to revoke signatures for this KSP based on your doubts regarding the efficacy of your own ID checks under these circumstances, but I don't think it's appropriate for you to accuse Martin of wrongdoing.

> Admittedly, in the world of cracking this is the equivalent of running off with the handbag of an old lady on crutches, which is why one speculates about where the next crack is headed for.

Any injury done to the people at the KSP they have done to themselves. It's more analogous to standing next to an icy walkway and studying how many of the old ladies on crutches walk out on their own and break their hips, vs. how many ask for his assistance across. You might think it cruel, but I don't see any justification for calling it malicious.

> He did dupe people --- into signing based on an unofficial document which can be purchased at will. And it is obvious that large KSP's have tired people, doing a repetitive task, and have a lot of people unfamiliar with key signing. The conclusion was foregone -- rarely do people have scientific studies belabouring the obvious.

If you consider it a foregone conclusion that people at KSPs, including DDs, will exercise poor keysigning practices, why attend the KSP? I attend KSPs because I'm comfortable that *I* am still checking IDs and fingerprints properly for all keys I sign, in spite of the circumstances. But if
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 02:12:25PM -0500, Manoj Srivastava wrote:
> He has already bragged about how he cracked the KSP by presenting an unofficial ID which he bought -- an action designed to show the weakness of signing parties. So, this was a bad faith act, since the action was not to show a valid, official ID to extend the web of trust, but to see how many people could be duped into signing his key.

I was not there, so I might miss quite many things, but from readings it seems that he showed his real ID under a presumably faked ID card, and some people signed his key based on it.

> Given that he acknowledges trying to dupe people, why do you think he is not lying about the contents of the ID?

This is a question for the people that signed his key based on the apparently evidently faked ID card. I do not think it was Martin who cracked the KSP, but the people who signed his key based on extremely doubtful identification. I also think you are overreacting about Martin; somebody wanting to get a signed key under a fake identity for bad purposes would not act like Martin, but in a more subtle (and dangerous) way. The only thing I can complain about Martin is for not putting shame on those that were to sign his key just before signing, so others learn.

> Rubbish. The reality I am concerned about is someone cracking the KSP and duping people into signing his key when they had been fooled into thinking they were looking at an unfamiliar official ID.

If things are this easy we are in a problem, and this is the problem, not Martin.

--
Agustin
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
* Joey Hess ([EMAIL PROTECTED]) [060526 10:17]:
> My memory is horrible, but IIRC James Troup (ie, our keymaster..) did some similar study at the DebConf5 KSP and ended up with a list of people whose GPG signatures he didn't trust anymore because of whatever trick they fell for.

I know that Peter Palfrader (weasel) sometimes submits a clearly fake key to KSPs and looks for people signing it. (No, there is nobody there who claims to be that person. Only the key on the list.)

Cheers,
Andi
--
http://home.arcor.de/andreas-barth/
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thursday 25 May 2006 15:26, Mike Hommey wrote:
> On Thu, May 25, 2006 at 04:16:24PM -0500, Manoj Srivastava [EMAIL PROTECTED] wrote:
> > The KSP was cracked, People signed a key without ever looking at proper, official ID. You can try and save face by calling it whatever you want, but that does not change the reality.
> Manoj, how do *you* ensure the ID that someone presents you is a proper, official ID? I'm pretty sure we can find official IDs that look so lame that you'd think it's a fake (the old French ones could be a good example, and I know people who still use that as an ID, though they wouldn't come to a KSP; they don't even know what a GPG/PGP key is).

Other good examples would be IDs issued to people under age 21 in the state of Washington (printed the wrong direction on the card), Oregon IDs issued prior to the late 1990s (exact year depends on DMV location issuing), which were a piece of cardboard with a form printed on it, and all the data typed in with an electric typewriter, with your photo glued to the upper left corner and a hologram someplace on it, laminated. The new Oregon IDs (issued after 2004) are widely mistaken as fake IDs since they're nearly identical to the California IDs: Prior to then, Oregon had a policy of making sure their ID did not look like any other state's ID (if they wanted to update the ID to make it harder to copy, they should have made the hologram part the photo of Mt. Hood with the word OREGON on it instead of switching to making poor counterfeits of California's IDs). That being said, DMV can have my Not Californian Looking(tm) ID back around the time they pry it from my cold, dead fingers or I surrender it at the BC Ministry of Transportation and Highways (by that time, the backwater country that thinks Oregon and California shouldn't have an international boundary between them can kiss my ass).

--
Paul Johnson
Email and IM (XMPP Google Talk): [EMAIL PROTECTED]
Jabber: Because it's time to move forward http://ursine.ca/Ursine:Jabber
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
James Troup wrote:
> My key was part of the DC4 KSP materials, but I didn't manage to attend in the end. A couple of people signed my key despite my lack of attendance and one of them an NM applicant, IIRC. Again from memory, Martin talked to the NM in question who was very apologetic, claimed it was an honest mistake, he'd ticked the wrong person in the list, etc. or something similar.

Aha, I *knew* my memory sucked, thanks for setting it straight.

--
see shy jo
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Manoj Srivastava wrote:
> On 25 May 2006, Stephen Frost verbalised:
> > * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
> > > Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others.
> > pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever).
> If you think an ID from a place that issues you any ID when you pay for it is valid, I probably will not trust a key signed by you, and I would also suggest other people do not.

The previously mentioned blog entry by someone claiming to be Martin Krafft claims that the unofficial ID presented for this person was issued based on an existing passport and not only his claimed name.

Ben.
--
Ben Hutchings
I'm always amazed by the number of people who take up solipsism because they heard someone else explain it. - E*Borg on alt.fan.pratchett
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Javier Fernández-Sanguino Peña wrote:
> and not showing any passports or showing passports: [...]
> - which did not have the *same* spelling as the name in the key (letter by letter) will not get a signature from me.

While you're obviously free to set your own standards as to whose keys you sign and not, I have come to the conclusion that the exact same spelling requirement doesn't make that much sense. As an example, take Bdale whose real name isn't Bdale, but Barksdale Garbee III (iirc, it's been some time since I last saw his passport, apologies for any misspellings, etc). He goes by the name of Bdale and more people know him by that name than by Barksdale, so signing his key based on this makes sense. The same goes for middle names people never use, etc. The rule has to be applied with caution; I would be uncomfortable signing somebody's key where I didn't know about them beforehand and their name on the key and passport was a complete miss.

--
tfheen
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Manoj Srivastava [EMAIL PROTECTED] wrote:
> On 25 May 2006, Stephen Frost verbalised:
> > * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
> > > Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others.
> > pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever).
> If you think an ID from a place that issues you any ID when you pay for it is valid, I probably will not trust a key signed by you, and I would also suggest other people do not.

How do you know that the people who issued this ID would have issued any ID when you pay for it? Paying, of course, is irrelevant here; at least in Germany you do have to pay for your official ID or Passport, too. And if this Transnational Republic is a political organization who do issue IDs because they want to demonstrate their political importance, and not just a fun group, I'd expect that they do try to issue correct IDs. I wouldn't trust them to do it as thoroughly as I trust the German authorities, but I have no data to decide whether I should trust them more or less than the authorities of China, Nigeria or, for that matter, the United States of America.

Regards, Frank
--
Frank Küster
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX)
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 04:30:07PM -0500, Manoj Srivastava wrote:
> On 25 May 2006, Andreas Tille spake thusly:
> > Is there any reason to revoke my signature I have put on Martin's key after he showed me his passport?
> In my opinion, yes, if you consider subverting the KSP like that unacceptable behaviour.

This may be a silly question but doesn't my signature only state that I certify this key really belongs to the person it seems to belong to?

Michael
--
Michael Meskes
Email: Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
ICQ: 179140304, AIM/Yahoo: michaelmeskes, Jabber: [EMAIL PROTECTED]
Go SF 49ers! Go Rhein Fire! Use Debian GNU/Linux! Use PostgreSQL!
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Manoj Srivastava wrote:
> On 25 May 2006, Andreas Tille spake thusly:
> > On Thu, 25 May 2006, Manoj Srivastava wrote:
> > > It has come to my attention that Martin Kraff used an unofficial, and easily forge-able, identity device at a large key
> > Is there any reason to revoke my signature I have put on Martin's key after he showed me his passport?
> In my opinion, yes, if you consider subverting the KSP like that unacceptable behaviour.

Keysigning isn't for judging behaviour but for confirming identity.

Thiemo
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, 2006-05-25 at 16:16 -0500, Manoj Srivastava wrote:
> On 25 May 2006, Stephen Frost spake thusly:
> > * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
> > > On 25 May 2006, Stephen Frost spake thusly:
> > > > I wasn't making any claim as to the general validity of IDs which are purchased and I'm rather annoyed that you attempted to extrapolate it out to such. What I said is that he wasn't trying to fake who he was, as the information (according to his blog anyway, which he might be lying on but I tend to doubt it) on the ID was, in fact, accurate.
> > > He has already bragged about how he cracked the KSP by presenting an unofficial ID which he bought -- an action designed to show the weakness of signing parties. So, this was a bad faith act, since the action was not to show a valid, official ID to extend the web of trust, but to see how many people could be duped into signing his key.
> > Pffft. Again, I call foul. That was as much 'bragging' as any scientist reporting on a study. It *wasn't* done in bad faith, as the information on the ID (now independently confirmed even) *was* accurate.
> Cracking is not a scientific study.

cracking may not be, but determining the average number of people who spot an unofficial id could be construed to be.

> > > Given that he acknowledges trying to dupe people, why do you think he is not lying about the contents of the ID?
> > He didn't try to dupe people and this claim is getting rather old.
> He did dupe people --- into signing based on an unofficial document which can be purchased at will. And it is obvious that large KSP's have tired people, doing a repetitive task, and have a lot of people unfamiliar with key signing. The conclusion was foregone -- rarely do people have scientific studies belabouring the obvious.

again, the question (i believe) has to be: what is obvious? it seems, manoj, you are basing a large part of your argument on the fact that ksp are inherently insecure. but people are constantly testing the obvious things. can they be proved to be insecure?

> > Duping people would have actually been putting false information on the ID and generating a fake key and trying to get someone to sign off on the fake key based on completely false information. The contents of the ID were accurate, as was his key, there was no
> I, for one, have no way of knowing if that was not the case.
> > duping or lying. Whining that he showed a non-government ID at a KSP and saying that's duping someone is more than a bit of a stretch, after all, I've got IDs issued by my company, my university, my state, my federal gov't, etc. Would I be 'duping' people if I showed them my company ID? What about my university ID? Would it have garnered this reaction? I doubt it.
> The directive at the KSP was that you showed people an official photo ID -- a passport if you had one, or whatever you had available if you were local. Putting in a purchased card (I know there are several places around that create official looking documents in exchange for money) is subverting the KSP.
> > > > If you're upset about this because you had planned to sign it and now feel 'duped' then I suggest you get past that emotional hurdle and come back to reality.
> > > Rubbish. The reality I am concerned about is someone cracking the KSP and duping people into signing his key when they had been fooled into thinking they were looking at an unfamiliar official ID.
> > The reality is that you're turning this into something much, much larger than it actually is.
> I can't help it if you think presenting unofficial ID at a debian KSP does not amount to much. I tend not to dismiss gaming web of trust issues dismissively.
> > If you're actually concerned about someone cracking the KSP then what you *should* be doing is attempting to educate people on the dangers of KSPs in general, not going after someone who happened to point out that not everyone checks IDs very carefully (an unsurprising reality but one which now has a good measure of proof behind it to base change upon).
> Heh. I guess we need to have proof of the unsurprising fact that people bleed when pierced with 6 inches of sharp steel too? Would that be just a scientific study to you? Either the KSP was subverted, in which case we have something to educate people about, or
> > 'Cracking' the KSP, such as one could, would be coming up with a fake identity entirely and trying to get people to sign off on it.
> How do you know that is not what happened?
> > Even that isn't actually all that *dangerous* until someone grants some privilege based on that signature.
> The Next time that key signs a NM candidate's key, and that sig is used to get someone into Debian, privileges would have been granted from a tainted signature.
> > That *isn't* what happened here,
> No? You can
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Fri, May 26, 2006 at 11:06:31AM -0500, Manoj Srivastava wrote:

On 26 May 2006, Thiemo Seufer outgrape:

Keysigning isn't for judging behaviour but for confirming identity.

* Michael Meskes:

This may be a silly question but doesn't my signature only state that I certify this key really belongs to the person it seems to belong to?

Exactly. It does not tell us anything about your views regarding that person or the purpose of the key itself.

But if official looking purchased identity documents are in play, no one can be sure of successfully performing an ID check.

That's true. But the same holds for an ID card of a foreign country that you might never have seen before. But being German and having seen Martin's German ID card I tend to think I could successfully perform the check back when we met for the first time.

Keep in mind though that I just asked about signature revocation. It doesn't seem to make sense for me to revoke my signature. Your mileage may vary if you're unsure about the ID he showed you. I can completely understand that.

Furthermore I wonder if he finds someone believing his ID card in the near future.

Michael

-- Michael Meskes Email: Michael at Fam-Meskes dot De ICQ: 179140304, AIM/Yahoo: michaelmeskes, Jabber: [EMAIL PROTECTED] Go SF 49ers! Go Rhein Fire! Use Debian GNU/Linux! Use PostgreSQL!
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 08:00:23PM +0200, Javier Fernández-Sanguino Peña wrote:

FWIW, I noted down those keys I would *not* sign and didn't tell the people at the KSP that I would not sign them. I guess his experiment (only one in ten said that they would *not* sign it) is moot unless he backs it up with the signatures he eventually got sent from those he showed a wrong ID to.

Don't you think this is at least not fair to people attending KSP? Not even explaining to them why they won't receive your signature (which is the whole point of KSP). Something like "I'm sorry but this is unacceptable to me (because of this and that)" would be okay to educate people showing correct IDs.

just my two (pesos) cents,

filippo

-- Filippo Giunchedi - http://esaurito.net PGP key: 0x6B79D401 random quote follows: I was once walking through the forest alone. A tree fell right in front of me -- and I didn't hear it. -- Steven Wright
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 5/26/06, Tollef Fog Heen [EMAIL PROTECTED] wrote:

While you're obviously free to set your own standards as to whose keys you sign and not, I have come to the conclusion that the exact same spelling requirement doesn't make that much sense. As an example, take Bdale whose real name isn't Bdale, but Barksdale Garbee III (iirc, it's been some time since I last saw his passport, apologies if for any misspellings, etc). He goes by the name of Bdale and more people know him by that name than by Barksdale, so signing his key based on this makes sense. The same goes for middle names people never use, etc.

Me too. My passport and NZ Driver's License both say Penelope, but I have gone by Penny all my life, and that's the name on my key. I'm pretty sure there were people at Debconf5 who didn't sign my key because of this. That's fine, everyone is entitled to their choice, although it struck me as a little bit silly. Penny is clearly short for Penelope. Perhaps this was my bad when I made the key; it displayed a lack of foresight.

This is probably not really a useful contribution to this discussion; carry on.

Penny

-- context: http://she.geek.nz || http://catalyst.net.nz
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:

On Thursday 25 May 2006 15:26, Mike Hommey wrote:

I'm pretty sure we can find official IDs that look so lame that you'd think it's a fake (the old french ones could be a good example, and i know people who still use that as an ID, though they wouldn't come to a KSP; they don't even know what a GPG/PGP key is).

Other good examples would be IDs issued to people under age 21 in the state of Washington (printed the wrong direction on the card), Oregon IDs issued prior (...)

Also worth noting that Spanish driving license IDs are in that group. They are just (pink) cardboard with your name written in with a typewriter and your picture *stapled* to it. I believe that has changed now (last year?) and driving licenses now look more official (plastic cards).

I have always wondered why they are useful in Spain for ID purposes (even for voting in general elections) since it's a boy's game to unstaple somebody's picture from his driving license and go vote with his ID and your picture in it [0]. Go figure.

Regards,

Javier

[0] As long as he doesn't go and vote too, since the people at the voting table would notice that he has voted twice and probably would have to reject the whole voting box of that table (as they would be unable to find and remove the previous voter's vote).
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Fri, May 26, 2006 at 09:52:48AM +0200, Tollef Fog Heen wrote:

Javier Fernández-Sanguino Peña wrote:

and not showing any passports or showing passports: [...] - which did not have the *same* spelling as the name in the key (letter by letter) will not get a signature from me. (...)

The rule has to be applied with caution, I would be uncomfortable signing somebody's key where I didn't know about them beforehand and their name on the key and passport was a complete miss.

I didn't want to imply this was a best practices rule. It's just my *personal* rule for KSP when encountering people I haven't seen/met before [0]. Feel free to use it or drop it, that's your choice. Either case, it's your decision to enforce whatever additional rules you want to ID checks at KSP.

I think I even heard somebody that said that whenever he goes to a KSP he doesn't sign the key, but waits until he meets him again (with the same fingerprint) in *a different* KSP. That's when he signs it. For me, this rule does make sense too (although I don't use it myself).

Regards

Javier

[1] I actually did not enforce this when I was new to KSP but added the rule later on after having uncomfortable experiences in some.
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Fri, May 26, 2006 at 11:57:09AM +0200, Michael Meskes wrote:

On Thu, May 25, 2006 at 04:30:07PM -0500, Manoj Srivastava wrote:

On 25 May 2006, Andreas Tille spake thusly:

Is there any reason to revoke my signature I have put on Martin's key after he showed me his passport?

In my opinion, yes, if you consider subverting the KSP like that unacceptable behaviour.

This may be a silly question but doesn't my signature only state that I certify this key really belongs to the person it seems to belong to?

It certifies that you've seen the person, that he's shown you his GPG key which he had claimed to be his, and that you have a reasonable suspicion that he is who he claims to be. Given the huge number of different people who sign GPG keys, you cannot reasonably assume anything more than the above about signatures from anyone but yourself (i.e., it is not what you *should* check before signing a key; these are only the checks that you can reasonably assume to have been made).

That aside, personally, I don't know what the big fuss is about. I know who Martin Krafft is; I've seen him at a number of FOSDEM instances, and I've seen him last year in Helsinki, where I called him by his name (to which he reacted), and where literally hundreds of others did the same. Considering that, I don't need a government-issued ID to be sure that he is indeed who he claims to be. I suspect the same is true for many of the other Debian people there. I'd think it'd be very hard to be impersonating someone at a DebConf KSP.

-- Fun will now commence -- Seven Of Nine, Ashes to Ashes, stardate 53679.4
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
* Michael Meskes:

This may be a silly question but doesn't my signature only state that I certify this key really belongs to the person it seems to belong to?

Exactly. It does not tell us anything about your views regarding that person or the purpose of the key itself.
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 26 May 2006, Wouter Verhelst told this:

On Fri, May 26, 2006 at 11:57:09AM +0200, Michael Meskes wrote:

This may be a silly question but doesn't my signature only state that I certify this key really belongs to the person it seems to belong to?

That aside, personally, I don't know what the big fuss is about.

Err, I thought I had already elucidated what my concerns were.

I know who Martin Krafft is; I've seen him at a number of FOSDEM instances, and I've seen him last year in Helsinki, where I called him by his name (to which he reacted), and where literally hundreds of others did the same. Considering that, I don't need a government-issued ID to be sure that he is indeed who he claims to be. I suspect the same is true for many of the other Debian people there.

This is why they say that the plural of anecdote is not data. I am pretty sure I am not the only person at debconf6 for whom this was the first debconf. If the source of all our identity verification is a) a person says who he is, and b) presents a perhaps purchased off the internet doc saying the same thing, I am not sure _how_ one can have a trust relationship between a name and a fingerprint.

manoj

-- Don't despair; your ideal lover is waiting for you around the corner. Manoj Srivastava [EMAIL PROTECTED][EMAIL PROTECTED] 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 26 May 2006, Thiemo Seufer outgrape:

Keysigning isn't for judging behaviour but for confirming identity.

* Michael Meskes:

This may be a silly question but doesn't my signature only state that I certify this key really belongs to the person it seems to belong to?

Exactly. It does not tell us anything about your views regarding that person or the purpose of the key itself.

But if official looking purchased identity documents are in play, no one can be sure of successfully performing an ID check.

manoj

-- To be is to program. Calvin Keegan Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Javier Fernández-Sanguino Peña wrote:

On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:

On Thursday 25 May 2006 15:26, Mike Hommey wrote:

[snip]

[0] As long as he doesn't go and vote too, since the people at the voting table would notice that he has voted twice and probably would have to reject the whole voting box of that table (as they would be unable to find and remove the previous voter's vote).

Well that's an interesting way to cook an election...
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 26 May 2006, Matt Zagrabelny spake thusly:

On Thu, 2006-05-25 at 16:16 -0500, Manoj Srivastava wrote:

Cracking is not a scientific study.

cracking may not be, but determining the average number of people who spot an unofficial id could be construed to be.

I can honestly state that that number is like 100%, based on some ID's I have seen created by people associated with my day job. I am not sure what an uncontrolled social engineering effort

Given that he acknowledges trying to dupe people, why do you think he is not lying about the contents of the ID?

He didn't try to dupe people and this claim is getting rather old.

He did dupe people --- into signing based on an unofficial document which can be purchased at will. And it is obvious that large KSP's have tired people, doing a repetitive task, and have a lot of people unfamiliar with key signing. The conclusion was foregone -- rarely do people have scientific studies belabouring the obvious.

again, the question (i believe) has to be: what is obvious? it seems, manoj, you are basing a large part of your argument on the fact that ksp are inherently insecure. but people are constantly testing the obvious things. can they be proved to be insecure? martin is supposed to accept (or know) the fact that ksp are insecure. (though they can't be *proved* to be)

*Sigh*, I guess I have to spell it out. Here it goes.

There is a large international gathering, with only some people who knew other participants in the KSP. There were several nationalities represented, and the travel documents represented very different standards. Some were written in ink, some were ostensibly extended on a different page from the initial expiration date. In some, the language used for added notes was not a language that people would understand. This group of people also had some people who had never been outside the country, and had no passports. There was no common spoken language all participants were fluent in. English, while coming close, was not there. No one is familiar a priori with passports from all countries represented. Insistence on a passport would have eliminated people, and passports were not made a requirement before the signing party.

There were 120 or so people present. The allocated time was two hours, and the KSP was conducted standing up. This means you have 50 seconds to juggle two sets of ID's, ask about fingerprints, md5sum of the file, and say hello. You did this for two hours, standing up, juggling ID's, pen, pieces of loose paper, and perhaps a bottle of water, since it was hot and conducted outside.

You need *PROOF* that id checking was lax, man, your world view is weird.

this is an issue.

Precisemento.

there are countless things that cannot be proved. rsa crypto cannot be proved to be a good crypto, it just appears to be. many things we rely upon have no proof of being good, or right, or what we expect them to provide, we just accept them as they are; and with that we accept the risk of not knowing (for 100%) that things are as we expect them to be.

And in this pool of expectations of good faith, any gaming of the system needs to meet with strong disapproval. All I am saying.

manoj

-- ..you could spend *all day* customizing the title bar. Believe me. I speak from experience. -- Matt Welsh Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sat, 27 May 2006, Penny Leach wrote:

struck me as a little bit silly. Penny is clearly short for Penelope.

Only if you are reasonably well acquainted with the English language and usual english names and nicknames.

Perhaps this was my bad when I made the key; it displayed a lack of foresight.

There is nothing stopping you from adding a new user-id with your full name and the same email address as you have in your Penny Leach user-id. In fact, I suggest you do so and add that user-id. People can choose which one to sign, they are not forced to sign all user-ids in a key...

-- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh
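What Henrique describes above, a second user ID carrying the passport name on the same key, with each signer certifying only the user ID they were able to match against the document shown, as an added GnuPG walk-through (this is not code from anyone in the thread). It assumes GnuPG 2.1 or later on PATH and runs entirely inside a throwaway GNUPGHOME with passphrase-less demo keys; the names and addresses (penny@example.org, verifier@example.net) are constructed. It relies on two documented GnuPG behaviours: a name prefixed with "=" makes --quick-sign-key select one user ID by exact match, and for v4 keys the long key ID is the last 16 hex digits of the fingerprint, which is how the self-signature is told apart from other people's certifications.

```sh
#!/bin/sh
# Added example, not from the thread: one key, two user IDs for the same
# address, and a verifier that certifies only the user ID it could check.
# Assumes GnuPG 2.1+; everything lives in a temporary GNUPGHOME.
set -e

GNUPGHOME=$(mktemp -d)
export GNUPGHOME
chmod 700 "$GNUPGHOME"

# gpg with non-interactive settings and an empty passphrase (demo keys only).
g() { gpg --batch --quiet --yes --pinentry-mode loopback --passphrase '' "$@"; }

# Primary fingerprint of the key whose user ID contains the given address.
fpr_of() {
  gpg --batch --with-colons --list-keys "$1" |
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Number of certifications on the user ID of key $1 that contains $2,
# excluding the key's own self-signature (long key ID = last 16 hex of fpr;
# assumption: v4 keys, which is what current GnuPG generates by default).
sigs_on_uid() {
  self=$(printf '%s' "$1" | tail -c 16)
  gpg --batch --with-colons --list-sigs "$1" |
    awk -F: -v want="$2" -v self="$self" '
      $1 == "uid" { cur = index($10, want) > 0 }   # sig lines follow their uid
      $1 == "sub" { cur = 0 }                      # subkey binding sigs do not count
      $1 == "sig" && cur && $5 != self { n++ }
      END { print n + 0 }'
}

# Key holder: the key is created under the everyday name, then a second
# user ID with the name printed in the passport is added (same address).
g --quick-gen-key 'Penny Example <penny@example.org>' default default never
HOLDER=$(fpr_of penny@example.org)
g --quick-add-uid "$HOLDER" 'Penelope Example <penny@example.org>'

# Verifier: matched "Penelope" against the document shown, so it certifies
# only that user ID; "=" asks --quick-sign-key for an exact user ID match.
g --quick-gen-key 'Verifier Example <verifier@example.net>' default default never
VERIFIER=$(fpr_of verifier@example.net)
g -u "$VERIFIER" --quick-sign-key "$HOLDER" '=Penelope Example <penny@example.org>'

echo "certifications on the Penelope user ID: $(sigs_on_uid "$HOLDER" 'Penelope Example')"
echo "certifications on the Penny user ID:    $(sigs_on_uid "$HOLDER" 'Penny Example')"
```

After this runs, gpg --list-sigs on the holder's key shows the verifier's certification under the Penelope user ID and nothing but the self-signature under the Penny one, which is the choice Henrique is pointing at: a signer who matched the passport name certifies that user ID, and a signer who only knows the nickname may certify the other, without either of them being asked to vouch for a name they did not check.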
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
[EMAIL PROTECTED] dijo [Fri, May 26, 2006 at 10:34:50AM -0500]:

know who Martin Krafft is; I've seen him at a number of FOSDEM instances, and I've seen him last year in Helsinki, where I called him by his name (to which he reacted), and where literally hundreds of others did the same. Considering that, I don't need a government-issued ID to be sure that he is indeed who he claims to be. I suspect the same is true for many of the other Debian people there.

This is why they say that the plural of anecdote is not data. I am pretty sure I am not the only person at debconf6 for whom this was the first debconf. If the source of all our identity verification is a) a person says who he is, and b) presents a perhaps purchased off the internet doc saying the same thing, I am not sure _how_ one can have a trust relationship between a name and a fingerprint.

Well... I personally trust your identity because I saw people who I know are familiar with you on a personal basis (and whom I trust) talk to you naturally, and because people in general knew you are Manoj. And, of course, because you showed me an ID - But I trust more the familiar treatment to you from the SPI people and from former and present DPLs than the government which issued your ID.

I believe you could trust I am who I say I am - after all, people were calling my name everywhere, and I was just proving you cannot be in ten places at the same time for the whole time over two weeks :) It might be enough proof for some people that I am Gunnar Wolf - With or without an ID.

Greetings,

-- Gunnar Wolf - [EMAIL PROTECTED] - (+52-55)5623-0154 / 1451-2244 PGP key 1024D/8BB527AF 2001-10-23 Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 5/27/06, Henrique de Moraes Holschuh [EMAIL PROTECTED] wrote:

Only if you are reasonably well acquainted with the English language and usual english names and nicknames.

This is true. One of the people at Debconf 5 I was thinking of, whose name I absolutely have no idea of anymore, was either a native english speaker or pretty fluent. You are of course, correct, but it's not the case in this specific example.

There is nothing stopping you from adding a new user-id with your full name and the same email address as you have in your Penny Leach user-id. In fact, I suggest you do so and add that user-id. People can choose which one to sign, they are not forced to sign all user-ids in a key...

Perhaps, but it raises all sorts of questions about identity that are probably off topic here. Apart from anything else, I don't identify with the name 'Penelope' at all. Clearly, my gmail address is penelope.leach, that's because most non numeric variations on 'Penny' were all taken :) I frequently find that people I have known for years never knew my name was Penelope. Perhaps they would refuse to sign the Penelope uid because they have always known me as Penny? It doesn't bother me enough to add a Penelope uid, just another element to the issue of trying to verify identity.

-- context: http://she.geek.nz || http://catalyst.net.nz
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Sat, May 27, 2006 at 07:15:53AM +1200, Penny Leach wrote:

On 5/26/06, Tollef Fog Heen [EMAIL PROTECTED] wrote:

While you're obviously free to set your own standards as to whose keys you sign and not, I have come to the conclusion that the exact same spelling requirement doesn't make that much sense. As an example, take Bdale whose real name isn't Bdale, but Barksdale Garbee III (iirc, it's been some time since I last saw his passport, apologies if for any misspellings, etc). He goes by the name of Bdale and more people know him by that name than by Barksdale, so signing his key based on this makes sense. The same goes for middle names people never use, etc.

Me too. My passport and NZ Driver's License both say Penelope, but I have gone by Penny all my life, and that's the name on my key. I'm pretty sure there were people at Debconf5 who didn't sign my key because of this. That's fine, everyone is entitled to their choice, although it struck me as a little bit silly. Penny is clearly short for Penelope. Perhaps this was my bad when I made the key; it displayed a lack of foresight.

Well, it's clear to you and it's clear to many other native English speakers, but for people who don't speak English natively, nickname mappings may be non-obvious. I always tell people who notice Stephen on my ID vs. Steve on my key that yes, that's a normal English nickname, but if you're not comfortable with this explanation, please do not sign my key. Because again, the web of trust in Debian circles is already pretty darn strong as it is, and I don't need people to cut corners in the name of upping key rankings. I'd much rather be promoting responsible keysigning practices than worrying about whether my key is the 250th or 249th best-connected key in the world.

-- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Penny Leach wrote:

Penny is clearly short for Penelope.

No, it is not _clear_. I don't have to know what the short names are for almost any name around. I'm also confused with names in German (correct me if wrong, please) containing, for example 'ö' and being displayed as 'oe', or some of the Russian names. It took me a while to figure that, for example, Stephen Langasek is also Steve Langasek. Even 'Dave' in my own first name, David. I might be in an ignorant environment, but people shouldn't assume that some things are just obvious to *all* the people around the world. It is obvious for me that the short name for Francisco is 'Paco' or 'Pancho', or 'Pepe' for José, or 'Beto' for Alberto, Humberto, Roberto, is it obvious and clear for you?

This is probably not really a useful contribution to this discussion; carry on.

It is.

-- David Moreno Garza [EMAIL PROTECTED] | http://www.damog.net/ [EMAIL PROTECTED] | GPG: C671257D Va amazando a sus cuates con un fierro.
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Friday 26 May 2006 15:20, Ron Johnson wrote:

Javier Fernández-Sanguino Peña wrote:

On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:

On Thursday 25 May 2006 15:26, Mike Hommey wrote:

[snip]

[0] As long as he doesn't go and vote too, since the people at the voting table would notice that he has voted twice and probably would have to reject the whole voting box of that table (as they would be unable to find and remove the previous voter's vote).

Well that's an interesting way to cook an election...

Method not viable in all jurisdictions. If you've ever wondered why Oregon takes almost as long as Florida to certify national election results, it's not because we can't count or we've had a blatant attempt at voter's fraud, it's because elections is busy checking signatures on ballot envelopes. Oregon abolished the voting booth in 2000: Election Day is actually the last election day of six consecutive weeks we can vote (beat that and your wussy six hours, America!), and we vote at home. You have your option of mailing or handing in your ballot to county elections. Oregon residents that will be outside the state of Oregon on the last day of the election are the only people eligible to register absentee because of this (this is a good thing, since it improves voter turnout and more votes count initially, whereas absentee ballots in all 50 states never get opened unless there's a tie).

-- Paul Johnson Email and IM (XMPP Google Talk): [EMAIL PROTECTED] Jabber: Because it's time to move forward http://ursine.ca/Ursine:Jabber
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:

Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others.

pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever). This is not unlike, say, the ID of a private university (or possibly a public university since the university itself isn't really a government institution but rather receives gov't funding, heh, I think). And, as he points out, it's not like all gov'ts are all that trustworthy or do much in the way of checking before issuing an ID. It's unfortunate but it's not something we're likely going to be able to fix (the gov't part of it anyway).

One thing to consider might be having a select set of people who are already highly trusted and are knowledgeable about the appropriate way to handle key generation, key signing, distribution, etc, create essentially a Debian Certificate Authority. Now, this doesn't *have* to be done using X.509 certs and openssl, it could be done inside the framework of the gpg system and would just mean that there's a specific set of people who are uploader-key-signers or some such. These people would also have the additional task of educating newcomers on the importance of careful key management, etc. Obvious initial candidates for this might include: ftpmasters, DAMs, AMs, debian-keyring maintainer.

Thanks,

Stephen
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
* Stephen Frost ([EMAIL PROTECTED]) wrote:

* Manoj Srivastava ([EMAIL PROTECTED]) wrote:

On 25 May 2006, Stephen Frost verbalised:

* Manoj Srivastava ([EMAIL PROTECTED]) wrote:

Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others.

pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever).

If you think an ID from a place that issues you any ID when you pay for it is valid, I probably will not trust a key signed by you, and I would also suggest other people do not.

I wasn't making any claim as to the general validity of IDs which are purchased and I'm rather annoyed that you attempted to extrapolate it out to such. What I said is that he wasn't trying to fake who he was, as the information (according to his blog anyway, which he might be lying on but I tend to doubt it) on the ID was, in fact, accurate.

Indeed, to the best of my recollection the name and picture on both his Transnational ID and his official German Identification Card matched (well they weren't the same picture, but they were both pictures of him). Now of course you don't have to take my word for that, but if it's any reassurance at all, he wasn't trying to fake who he was or obtain signatures under false pretenses. He was just conducting an experiment to see how much people really *check* the ID they're looking at. It's a good lesson, and I'd rather Martin demonstrate it than someone with actual malicious intent.

As to bad faith, since most pot smokers do not become crystal meth addicts and most jay walkers do not become serial killers, I'm not concerned that Martin will begin rooting the project's boxes.

If you're upset about this because you had planned to sign it and now feel 'duped' then I suggest you get past that emotional hurdle and come back to reality.

No one 'crack'ed anything here (that we know of anyway) and while not signing his key because of this is reasonable, or even revoking a signature which had been based on this ID, the constant inflammatory claims of Martin being a 'cracker' and how this could lead to other 'cracks' is extreme, insulting, and childish.

-- Eric Dorland [EMAIL PROTECTED] ICQ: #61138586, Jabber: [EMAIL PROTECTED] 1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 25 May 2006, Stephen Frost spake thusly:
> * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
>> On 25 May 2006, Stephen Frost spake thusly:
>>> I wasn't making any claim as to the general validity of IDs which are purchased and I'm rather annoyed that you attempted to extrapolate it out to such. What I said is that he wasn't trying to fake who he was, as the information (according to his blog anyway, which he might be lying on but I tend to doubt it) on the ID was, in fact, accurate.
>>
>> He has already bragged about how he cracked the KSP by presenting an unofficial ID which he bought -- an action designed to show the weakness of signing parties. So, this was a bad faith act, since the action was not to show a valid, official ID to extend the web of trust, but to see how many people could be duped into signing his key.
>
> Pffft. Again, I call foul. That was as much 'bragging' as any scientist reporting on a study. It *wasn't* done in bad faith, as the information on the ID (now independently confirmed even) *was* accurate.

Cracking is not a scientific study.

>> Given that he acknowledges trying to dupe people, why do you think he is not lying about the contents of the ID?
>
> He didn't try to dupe people and this claim is getting rather old.

He did dupe people --- into signing based on an unofficial document which can be purchased at will. And it is obvious that large KSP's have tired people, doing a repetitive task, and have a lot of people unfamiliar with key signing. The conclusion was foregone -- rarely do people have scientific studies belabouring the obvious.

> Duping people would have actually been putting false information on the ID and generating a fake key and trying to get someone to sign off on the fake key based on completely false information. The contents of the ID were accurate, as was his key, there was no

I, for one, have no way of knowing if that was not the case.

> duping or lying.
>
> Whining that he showed a non-government ID at a KSP and saying that's duping someone is more than a bit of a stretch, after all, I've got IDs issued by my company, my university, my state, my federal gov't, etc. Would I be 'duping' people if I showed them my company ID? What about my university ID? Would it have garnered this reaction? I doubt it.

The directive at the KSP was that you showed people an official photo ID -- a passport if you had one, or whatever you had available if you were local. Putting in a purchased card (I know there are several places around that create official looking documents in exchange for money) is subverting the KSP.

>>> If you're upset about this because you had planned to sign it and now feel 'duped' then I suggest you get past that emotional hurdle and come back to reality.
>>
>> Rubbish. The reality I am concerned about is someone cracking the KSP and duping people into signing his key when they had been fooled into thinking they were looking at an unfamiliar official ID.
>
> The reality is that you're turning this into something much, much larger than it actually is.

I can't help it if you think presenting unofficial ID at a Debian KSP does not amount to much. I tend not to dismiss gaming web of trust issues dismissively.

> If you're actually concerned about someone cracking the KSP then what you *should* be doing is attempting to educate people on the dangers of KSPs in general, not going after someone who happened to point out that not everyone checks IDs very carefully (an unsurprising reality but one which now has a good measure of proof behind it to base change upon).

Heh. I guess we need to have proof of the unsurprising fact that people bleed when pierced with 6 inches of sharp steel too? Would that be just a scientific study to you?

Either the KSP was subverted, in which case we have something to educate people about, or

> 'Cracking' the KSP, such as one could, would be coming up with a fake identity entirely and trying to get people to sign off on it.

How do you know that is not what happened?

> Even that isn't actually all that *dangerous* until someone grants some privilege based on that signature.

The next time that key signs an NM candidate's key, and that sig is used to get someone into Debian, privileges would have been granted from a tainted signature.

> That *isn't* what happened here,

No? You can prove that?

> and, indeed, being rather well known (it seems) there would have made it more difficult for him to pull off than, say, someone off the street.

Well known to whom? I, for one, did not know very many people at the conference, and large chunks of people were in my shoes. Also, people who did know the perp were unlikely to look closely at the fake documents being brandished.

> No one 'crack'ed anything here (that we know of anyway) and while not signing his key because of this is reasonable, or even revoking
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 04:16:24PM -0500, Manoj Srivastava [EMAIL PROTECTED] wrote:
> The KSP was cracked. People signed a key without ever looking at proper, official ID. You can try and save face by calling it whatever you want, but that does not change the reality.

Manoj, how do *you* ensure the ID that someone presents you is a proper, official ID? I'm pretty sure we can find official IDs that look so lame that you'd think it's a fake (the old French ones could be a good example, and I know people who still use that as an ID, though they wouldn't come to a KSP; they don't even know what a GPG/PGP key is). You could also find fake IDs that look quite official.

Actually, the whole thing is that if you want to subvert the key signing process, you can do it pretty easily. A lot of people buy fake passports or IDs for whatever reasons; subverting a KSP is just a new kind of reason.

So, if you're afraid of fake IDs, just stop signing keys.

Mike
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Joey Hess [EMAIL PROTECTED] writes:
> My memory is horrible, but IIRC James Troup (ie, our keymaster..) did some similar study at the DebConf5 KSP and ended up with a list of people whose GPG signatures he didn't trust anymore because of whatever trick they fell for.

Err, for the record, no I didn't. I didn't attend or (AFAICR) even submit my key for the KSP at DC5. My key was part of the DC4 KSP materials, but I didn't manage to attend in the end. A couple of people signed my key despite my lack of attendance and one of them was an NM applicant, IIRC. Again from memory, Martin talked to the NM in question who was very apologetic, claimed it was an honest mistake, he'd ticked the wrong person in the list, etc. or something similar. I don't recall anything further happening about that or any previous incidents to which you might be referring.

-- 
James
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 25 May 2006, Stephen Frost spake thusly:
> * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
>> On 25 May 2006, Stephen Frost verbalised:
>>> * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
>>>> Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others.
>>>
>>> pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever).
>>
>> If you think an ID from a place that issues you any ID when you pay for it is valid, I probably will not trust a key signed by you, and I would also suggest other people do not.
>
> I wasn't making any claim as to the general validity of IDs which are purchased and I'm rather annoyed that you attempted to extrapolate it out to such. What I said is that he wasn't trying to fake who he was, as the information (according to his blog anyway, which he might be lying on but I tend to doubt it) on the ID was, in fact, accurate.

He has already bragged about how he cracked the KSP by presenting an unofficial ID which he bought -- an action designed to show the weakness of signing parties. So, this was a bad faith act, since the action was not to show a valid, official ID to extend the web of trust, but to see how many people could be duped into signing his key.

Given that he acknowledges trying to dupe people, why do you think he is not lying about the contents of the ID?

> If you're upset about this because you had planned to sign it and now feel 'duped' then I suggest you get past that emotional hurdle and come back to reality.

Rubbish. The reality I am concerned about is someone cracking the KSP and duping people into signing his key when they had been fooled into thinking they were looking at an unfamiliar official ID.

> No one 'crack'ed anything here (that we know of anyway) and while not signing his key because of this is reasonable, or even revoking a signature which had been based on this ID, the constant inflammatory claims of Martin being a 'cracker' and how this could lead to other 'cracks' is extreme, insulting, and childish.

And I think your attitude is naive, optimistic, and dangerous. This was a subversion of the KSP. Admittedly, KSP's are fragile, and people get tired, and glassy eyed from looking at too many unfamiliar official looking documents. It takes little social engineering to fool people into signing based on fake documents. Admittedly, in the world of cracking this is the equivalent of running off with the handbag of an old lady on crutches, which is why one speculates about where the next crack is headed for.

manoj
-- 
It is better to live rich than to die rich. Samuel Johnson
Manoj Srivastava [EMAIL PROTECTED] http://www.datasync.com/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On 25 May 2006, Luca Capello uttered the following:
> Hello!
>
> On Thu, 25 May 2006 15:39:44 +0200, Henrique de Moraes Holschuh wrote:
>> On Thu, 25 May 2006, Manoj Srivastava wrote:
>>> It has come to my attention that Martin Kraff used an unofficial, and easily forge-able, identity device at a large key [...]
>>
>> Should you not have *signed* a message of this sort? I certainly won't do anything until I know for sure it came from you. And preferably, we need to hear Martin's side as well, before doing anything hasty (like either signing keys, or revoking signatures of keys).
>
> FYI, Martin's explanation is at [1], which passed on Planet Debian.

Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others. What we have here is cracking the KSP. Cracking a KSP is of no big account; they are fragile things to start with. And then there is the brag about the exploit, which is again stereotypical of crackers. Cracks are done for bragging rights, and thinly veiled as being done for the user's own good (I defaced your web site to show you you need better security). But cracking the KSP does not earn very many bragging rights. So what's next? Cracking the NM by sending in fake candidates? Or perhaps cracking the legendary reputation that Debian has for solidity by passing in a back door? Now that would be a crack worth bragging about.

manoj
-- 
The chat program is in public domain. This is not the GNU public license. If it breaks then you get to keep both pieces. (Copyright notice for the chat program)
Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:
> On 25 May 2006, Stephen Frost verbalised:
>> * Manoj Srivastava ([EMAIL PROTECTED]) wrote:
>>> Explanation? What we have here is an act of bad faith, in the guise of demonstrating a weakness. In my experience, one act of bad faith often leads to others.
>>
>> pffft. This is taking it to an extreme. He wasn't trying to fake who he was, it just wasn't an ID issued by a generally recognized government (or perhaps not a government at all, but whatever).
>
> If you think an ID from a place that issues you any ID when you pay for it is valid, I probably will not trust a key signed by you, and I would also suggest other people do not.

I wasn't making any claim as to the general validity of IDs which are purchased and I'm rather annoyed that you attempted to extrapolate it out to such. What I said is that he wasn't trying to fake who he was, as the information (according to his blog anyway, which he might be lying on but I tend to doubt it) on the ID was, in fact, accurate.

If you're upset about this because you had planned to sign it and now feel 'duped' then I suggest you get past that emotional hurdle and come back to reality.

No one 'crack'ed anything here (that we know of anyway) and while not signing his key because of this is reasonable, or even revoking a signature which had been based on this ID, the constant inflammatory claims of Martin being a 'cracker' and how this could lead to other 'cracks' is extreme, insulting, and childish.

Thanks,

Stephen
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
On Thu, May 25, 2006 at 05:30:23PM +0200, Luca Capello wrote:
> FYI, Martin's explanation is at [1], which passed on Planet Debian.
>
> Thx, bye,
> Gismo / Luca
>
> [1] http://blog.madduck.net/geek/2006.05.24-tr-id-at-keysigning

FWIW, I noted down those keys I would *not* sign and didn't tell the people at the KSP that I would not sign them. I guess his experiment (only one in ten said that they would *not* sign it) is moot unless he backs it up with the signatures he eventually got sent from those he showed a wrong ID to.

That being said, I (personally) already decided not to sign people that showed me something that was *not* a passport and noted that in my KSP paper page through it. Unfortunately, I'm not confident in my ability to distinguish forgeries so that means that people:

- showing university cards
- showing election votation cards (some from MX)
- showing their country's ID card and not showing any passports

or showing passports:

- which were hand-written or which I could not really understand why they had extended expiration
- with pictures which did not resemble the guy in front of me (beard, glasses, too young...)
- which did not have the *same* spelling as the name in the key (letter by letter)

will not get a signature from me.

Regards

Javier

PS: Maybe some will understand *now* why it took me more time to check IDs than them.
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
Hello!

On Thu, 25 May 2006 15:39:44 +0200, Henrique de Moraes Holschuh wrote:
> On Thu, 25 May 2006, Manoj Srivastava wrote:
>> It has come to my attention that Martin Kraff used an unofficial, and easily forge-able, identity device at a large key [...]
>
> Should you not have *signed* a message of this sort? I certainly won't do anything until I know for sure it came from you. And preferably, we need to hear Martin's side as well, before doing anything hasty (like either signing keys, or revoking signatures of keys).

FYI, Martin's explanation is at [1], which passed on Planet Debian.

Thx, bye,
Gismo / Luca

[1] http://blog.madduck.net/geek/2006.05.24-tr-id-at-keysigning
Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys
I think two related, but separate, issues are being conflated in this discussion.

The first is the identity of the person you are talking to at a key signing event. This is, and always has been, the weakest point of the affair. It is reasonably trivial to forge reasonable looking government documents, especially from a country whose document format you know most people are going to be unfamiliar with. I happen to have met Martin several times, and am at this point reasonably sure that the face I know as Martin is going to keep on calling himself Martin.

This isn't really the point of keysigning though, at least from my point of view. It is still possible for me to be reasonably sure Martin is Martin, and have no idea who controls the key he says is his. The important part of keysigning, from my point of view, is that the person who controls the private part of a gpg key is known, for some version of known. I am not really interested whether or not that person has a valid government ID, just that it is the same person from contact to contact (or upload to upload).

It seems to me that the only way to be reasonably sure that the person you met is the person who replies to an encrypted email is to use some sort of unique tokens exchanged at the event, and later verified by gpg encrypted email. Since we can't do anything like that in large keysigning parties (the time it would take is prohibitive, not to mention the necessary lack of secrecy in the exchange of tokens), I doubt we're approaching anything like real validation.

So, now that my ramble is done, I guess what I'm saying is that these events _by design_ are incapable of providing any real assurance about someone's identity, and they tell us even less about who controls the private key in question. I'm not sure if that makes them useless, or if they should just get a different trust level, or what.

Just my 2p,
-- 
 |   ,''`.                                            Stephen Gran |
 |  : :' :                                        [EMAIL PROTECTED] |
 |  `. `'                        Debian user, admin, and developer |
 |    `-                                     http://www.debian.org |
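The token exchange Stephen sketches above, worked through as an added example (not code from this thread or from any Debian tool): the verifier hands out a random token encrypted to the key a participant claims, and later accepts that key only if the token comes back intact, which an ID check alone cannot establish. RSA-OAEP from Go's standard library stands in for the OpenPGP encryption the message envisions; the OAEP label and the short key label are constructed values.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// oaepLabel binds ciphertexts to this purpose; a constructed value for the example.
var oaepLabel = []byte("ksp-token-challenge")

// Verifier records the token it issued for each key it met at the event.
type Verifier struct{ issued map[string][]byte }

func NewVerifier() *Verifier { return &Verifier{issued: map[string][]byte{}} }

// keyLabel is a short stand-in for an OpenPGP fingerprint (constructed, not a real one).
func keyLabel(pub *rsa.PublicKey) string {
	sum := sha256.Sum256(pub.N.Bytes())
	return fmt.Sprintf("%x", sum[:8])
}

// Challenge encrypts a fresh random token to the key the participant claims to hold.
func (v *Verifier) Challenge(claimed *rsa.PublicKey) ([]byte, error) {
	token := make([]byte, 16)
	if _, err := rand.Read(token); err != nil {
		return nil, err
	}
	v.issued[keyLabel(claimed)] = token
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, claimed, token, oaepLabel)
}

// Respond is the participant's side: decrypt with the private key actually held.
// Without the matching private key this returns an error, not the token.
func Respond(held *rsa.PrivateKey, challenge []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, held, challenge, oaepLabel)
}

// Verify accepts the claimed key only if the token issued for it comes back intact.
func (v *Verifier) Verify(claimed *rsa.PublicKey, response []byte) bool {
	token, ok := v.issued[keyLabel(claimed)]
	return ok && bytes.Equal(token, response)
}

func main() {
	owner, _ := rsa.GenerateKey(rand.Reader, 2048)
	other, _ := rsa.GenerateKey(rand.Reader, 2048)
	v := NewVerifier()
	ct, _ := v.Challenge(&owner.PublicKey) // at the event: face checked, key control still unknown
	good, _ := Respond(owner, ct)          // later, over encrypted mail, by the real key holder
	bad, _ := Respond(other, ct)           // someone holding a different key but claiming this one
	fmt.Println("owner:", v.Verify(&owner.PublicKey, good), "other key:", v.Verify(&owner.PublicKey, bad))
}
```

The face-to-face step still matters for binding a name to a person; this exchange only adds the missing binding between that person and the private key.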