Re: Endorsing David Suárez Rodríguez's key C450196033B24682EFE44C9D7CB6E83D8605423A

[Pierre-Elliott Bécue]

Le mardi 01 décembre 2020 à 18:13:15-, Eugene V. Lyubimkin (via 
nm.debian.org) a écrit :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
> 
> Although it looks like David has enough signatures from other sources now, I'm
> adding it for posterity.
> 
> 
> I have interacted with David using his present e-mail [1] and one of David's
> previous keys [2], on numerous occasions in 2012, 2013 and 2014 by sponsoring
> one of his packages. His application key [3] has a valid GPG signature from
> key [2].
> 
> In 2019, we interacted briefly using key different from [2] and [3].
> 
> In 2020, I have interacted with David using his e-mail [1] and his DD
> application key [3] by receiving signed e-mails from him. I have additionally
> verified that, in 2020:
>  - David can read an e-mail encrypted for him using key [2];
>  - David can reproduce bits from our private communication in 2013 in a signed
>e-mail using key [3].
> 
> Therefore, I without a doubt conclude that David is in possession of e-mail
> [1], keys [2][3], and is the same person I've interacted with starting back in
> 2012.
> 
> 
> [1] david.sephi...@gmail.com
> [2] 0x65C6949B0B33E24E
> [3] 0x7CB6E83D8605423A
> 
> - --
> Composed on 2020-12-01.
> -BEGIN PGP SIGNATURE-
> 
> iQIzBAEBCAAdFiEEUF0Kp4+Q9rI8wpaop+2DH1mzoOgFAl/Gh4oACgkQp+2DH1mz
> oOgdgBAAhuoN3SMF6m5e345FpdXzswCMjTUCEJ78BXYUSuY62PgtV84LQrKnz2vD
> TdEvwok8DgcygS/dBKIo3Lc7gHVzv7PxiIOjxp/SPOrNmKEE4HmFjwZ08nEptk7E
> Eoxf0JiIM+hxFQw04DWC0kuBVdlElPuNUIQhXBysv5agab+3zTrTo9CI7mu9glj9
> kMMkVELG3JadgQwLeJ47oYxWMFwgKRUc6/w+jdLMmPk1EP+jf/zn8sN94CXDzwYW
> By3Rl2nmTwnEv9Gu8cIjs2foreue+rsyqLqilJEyksbaDFqYz7+lGSnzQy1bE9TP
> zCd8PzrME0gIzj8areh0iZAPCNFT0BAZitdCv/vO5o/1g/8CsKhJgw9VRZJhbEqH
> 0uBQftGT08rasW5+N/aM64Fg/pSWim/i47C4X2nujjQtkPf/DToGTnGG9u8t5tBP
> Nv6MY34bt8U/xhs+lFlS3EsvrVRgisoPX8GW24l25/EiXr/bwBp1G85av7DyHn+U
> TUr7raE9EOKNCu6RjayOgd1FIrVOINLLEUngcykj3laFLSLw4K8NNHuPT4Qf2ge8
> bNAftGl0cnI6+0KVbjDqDFLTa3SACv9kXTmGtscitEsZxqZX0SwhGXsyo3c2xIQH
> ikdh1Iq0tlO6ygVQQ2gz3N4sE1cN1ycQO3xTk4OcoTWQyT6xCzE=
> =ysaQ
> -END PGP SIGNATURE-

Thanks a lot for doing so, it'll probably serve other people looking for
examples!

-- 
Pierre-Elliott Bécue
GPG: 9AE0 4D98 6400 E3B6 7528  F493 0D44 2664 1949 74E2
It's far easier to fight for one's principles than to live up to them.


signature.asc
Description: PGP signature

Re: Endorsing David Suárez Rodríguez's key C450196033B24682EFE44C9D7CB6E83D8605423A

[Sam Hartman]

> "Sam" == Sam Hartman  writes:


I found the page where I can check this for myself (thanks nm team) and
confirmed there are two dd sigs, so the endorcement does not matter.

Re: Endorsing David Suárez Rodríguez's key C450196033B24682EFE44C9D7CB6E83D8605423A

[Sam Hartman]

> "Santiago" == Santiago Ruano Rincón  writes:

Santiago> Hi Eugene, El 29/11/20 a las 16:58, Eugene V. Lyubimkin
Santiago> (via nm.debian.org) escribió:
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256
>> 
>> Previously interacted with David using his old key which signs
>> his present key.
Santiago> ...

Santiago> With my Front Desk member hat on, I'd prefer this key
Santiago> statement concerned the key David is currently using.

Did this endorcement end up not getting used?
I noticed your process comment that there were two dd sigs.
So, did David end up finding signatures on the key rather than going the
endorcement route?
If this endorcement ends up being part of what you relied on for the key
consistency checks, I'd like to dig in a bit more.


signature.asc
Description: PGP signature

Re: Endorsing David Suárez Rodríguez's key C450196033B24682EFE44C9D7CB6E83D8605423A

[Santiago Ruano Rincón]

Hi Eugene,

El 29/11/20 a las 16:58, Eugene V. Lyubimkin (via nm.debian.org) escribió:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
> 
> Previously interacted with David using his old key which signs
> his present key.
...

With my Front Desk member hat on, I'd prefer this key statement
concerned the key David is currently using.

If you are not in position to endorse David's current key, could you
please, at least, specify what is the fingerprint of the previous key?

Cheers,

 -- Santiago


signature.asc
Description: PGP signature