On Wed, Jun 07, 2006 at 01:22:56AM +0100, Wookey wrote:
I have no idea what it would take to persuade you that I am who I say I am,
but if you _only_ accept National Passports then it would appear to be
impossible in my case (which I realise is something of a corner-case).
I would probably
+++ Javier Fernández-Sanguino Peña [06-05-25 20:00 +0200]:
That being said I (personally) already decided
...[people]
not showing any passports or showing passports:
- which did not had the *same* spelling as the name in the key (letter by
letter)
will not get a signature from me.
On Thu, Jun 01, 2006 at 12:41:52AM +0200, Javier Fernández-Sanguino Peña wrote:
On Mon, May 29, 2006 at 02:48:33PM +0200, Wouter Verhelst wrote:
Then there's the issue of tracing who did an actual upload into the real
world. A name on a GPG key is not, by any means, an effective way to do
On Mon, May 29, 2006 at 02:48:33PM +0200, Wouter Verhelst wrote:
Then there's the issue of tracing who did an actual upload into the real
world. A name on a GPG key is not, by any means, an effective way to do
that, since it does not contain enough information to get out the black
helicopters.
On Thu, Jun 01, 2006 at 12:41:52AM +0200, Javier Fernández-Sanguino Peña
[EMAIL PROTECTED] wrote:
On Mon, May 29, 2006 at 02:48:33PM +0200, Wouter Verhelst wrote:
Then there's the issue of tracing who did an actual upload into the real
world. A name on a GPG key is not, by any means, an
On Sun, May 28, 2006 at 08:57:55PM -0700, Thomas Bushnell BSG wrote:
If I were to crack a key signing party, using Bubba's travel
documents, I too would swear up and down the street that he indeed
correctly and diligently verified all kinds of _other_ government
ID's when
On Sun, May 28, 2006 at 10:37:39PM -0500, Manoj Srivastava wrote:
On 27 May 2006, martin f. krafft spake thusly:
From within the project, what matters is that everything you do
within the project can be attributed to one and the same person: the
same person that went through our NM process.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 27 May 2006 16:21:22 -0700
Paul Johnson [EMAIL PROTECTED] wrote:
On Saturday 27 May 2006 16:12, Ron Johnson wrote:
Paul Johnson wrote:
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
On Sat, May 27, 2006 at 01:54:03PM
Javier Fernández-Sanguino Peña dijo [Sun, May 28, 2006 at 11:40:46PM +0200]:
For me, yes, some questions asked, some delays involved, but no
detailed background checks. I'm sure neither the FBI or the CIA (or,
as for Mexican authorities, CISEN or PGR) were involved.
Then some
Steve Langasek [EMAIL PROTECTED] writes:
On Sun, May 28, 2006 at 08:57:55PM -0700, Thomas Bushnell BSG wrote:
If I were to crack a key signing party, using Bubba's travel
documents, I too would swear up and down the street that he indeed
correctly and diligently verified all
Hello, On 5/26/06, David Moreno Garza [EMAIL PROTECTED] wrote:
You _usually_ don't get your passport stamped? Really? In recent flights?I have never entered Mexico back without the Immigration seal.Yeah, depends on the mood of the one attending you.
True! And even by plane! Which I found extremely
On Sun, May 28, 2006 at 11:40:46PM +0200, Javier Fernández-Sanguino Peña wrote:
(...) they *have* to provide you with a passport. Not because it is
a requirement, but because you have the *right* to travel abroad (at
least it is in Spain)
That's a human right, as defined by the Universal
Javier Fernández-Sanguino Peña wrote:
Regardless of this, I think it would be nice to have a document (wikipedia
article?) listing official documents of countries all over the world. KSP
attendants need not base their decissions on this, but could be useful
as background information.
If
Tyler MacDonald wrote:
WTF? In Oregon, if you have a driver's license, you cannot get an ID card.
If you have an ID card, you have to surrender it to get a driver's license.
You're only legally allowed one ID.
Weird!
Not really, same rules apply in Virginia, AFAIK.
You can still
On Sat, May 27, 2006 at 02:12:48PM -0700, Steve Langasek wrote:
On Sat, May 27, 2006 at 05:28:35PM +0200, Filippo Giunchedi wrote:
Is there a list of official documents (with photos) that we can consider
acceptable for a KSP?. If there's not we definitely need one.
However this is rather
On Sat, May 27, 2006 at 04:47:20PM -0500, martin f krafft wrote:
The Debian project heavily relies on keysigning for much of its
work. However, I think the question what the signing of a key
actually accomplishes has not been properly addressed. In my
opinion, from the point of view of the
This one time, at band camp, Paul Johnson said:
On Saturday 27 May 2006 16:49, Thomas Bushnell BSG wrote:
Paul Johnson [EMAIL PROTECTED] writes:
The vote at champoeg was when the Oregon Territory voted to become
Canadian. We're on the south side of the border exclusively due to
the
Quoting Andreas Barth ([EMAIL PROTECTED]):
I know that Peter Palfrader (weasel) submits sometimes a clear fake key
to KSPs and looks for people signing it. (No, there is nobody there who
claims to be that person. Only the key on the list.)
For future reference, I personnally dislike people
On Sat, May 27, 2006 at 01:55:44PM -0500, Manoj Srivastava wrote:
On 27 May 2006, Gunnar Wolf verbalised:
For me, yes, some questions asked, some delays involved, but no
detailed background checks. I'm sure neither the FBI or the CIA (or,
as for Mexican authorities, CISEN or PGR) were
On Sat, May 27, 2006 at 04:47:20PM -0500, martin f krafft wrote:
Dear Manoj, dear fellow DDs,
Hi, I'm just going to address the question you made that was directed to me.
also sprach Javier Fernández-Sanguino Peña [EMAIL PROTECTED]
[2006.05.25.1300 -0500]:
FWIW, I noted down those keys I
Hi,
First of all, my name is Martin Felix Krafft (with a final 't'), and
my GPG key ID is 0x330c4a75. The unofficial ID I presented listed
that name (without the middle name), a photo is available from [1]
(sorry, can't do better now). Thus, the ID card is an unofficial
card, but the
Junichi Uekawa [EMAIL PROTECTED] wrote:
This has opened a can of worms; because your transnational ID was as
official as it could get. Most of us do not know what other countries
consider to be official, and it's more of an intent and goodwill
rather than scientific or legally binding
Junichi Uekawa [EMAIL PROTECTED] writes:
This has opened a can of worms; because your transnational ID was as
official as it could get. Most of us do not know what other countries
consider to be official, and it's more of an intent and goodwill
rather than scientific or legally binding
On 27 May 2006, martin f. krafft spake thusly:
Dear Manoj, dear fellow DDs,
I guess I could have known that this experiment of mine would turn
into a huge thread, unfortunately extending across two mailing
lists. Thus, it is surely in order for me to apologise for being the
cause that your
Manoj Srivastava wrote:
On 27 May 2006, martin f. krafft spake thusly:
Dear Manoj, dear fellow DDs,
I guess I could have known that this experiment of mine would turn
into a huge thread, unfortunately extending across two mailing
lists. Thus, it is surely in order for me to apologise for
Manoj Srivastava [EMAIL PROTECTED] writes:
Any act of deception, meant to exploit the weaknesses of the
system rather than participating in a key signing in good faith is
likely to have had this effect, yes.
That's true. What about Martin's actions, as they have been reported,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Er, is it just me or isn't the point of gnupg that there *are* people
you *can't trust*. We wouldn't be needing digital signatures if
everybody honoured the 'gentleman's agreement' that we should only
sign as ourselves (or at most as a pseudonym that
On Sun, May 28, 2006 at 11:57:43PM -0400, Roberto C. Sanchez wrote:
The identification showed his real name and real likeness [0]. He did not
misrepresent any information in either obtaining the document or in
presenting it to those who requested he identify himself.
The real issue is that,
Steve Langasek [EMAIL PROTECTED] writes:
On Sun, May 28, 2006 at 11:57:43PM -0400, Roberto C. Sanchez wrote:
The identification showed his real name and real likeness [0]. He did not
misrepresent any information in either obtaining the document or in
presenting it to those who requested he
On Fri, May 26, 2006 at 04:18:15PM -0700, Paul Johnson wrote:
On Friday 26 May 2006 00:50, Josselin Mouette wrote:
Le jeudi 25 mai 2006 à 02:36 -0500, Manoj Srivastava a écrit :
It has come to my attention that Martin Kraff used an
unofficial, and easily forge-able, identity
On Saturday 27 May 2006 00:38, Daniel Stone wrote:
But what does it matter? Can you spot a fake Victorian drivers'
licence? Fake German ID card? Do you know the distinguishing marks
that differentiate a real Australian passport from fakes?
No, but I also won't sign keys of someone with an
On Fri, May 26, 2006 at 12:33:54PM -0500, Gunnar Wolf wrote:
Within the Schengen area (European Union plus Norway, Vatican,
and... any others?), you travel between countries without even waving
your passport at anybody.
That's not fully true. You have to show your passport to the *first*
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 26 May 2006 16:24:27 -0700
Paul Johnson [EMAIL PROTECTED] wrote:
On Friday 26 May 2006 15:20, Ron Johnson wrote:
Javier Fernández-Sanguino Peña wrote:
On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:
On Thursday 25 May
On 5/27/06, Javier Fernández-Sanguino Peña [EMAIL PROTECTED] wrote:
On Fri, May 26, 2006 at 12:33:54PM -0500, Gunnar Wolf wrote:
Within the Schengen area (European Union plus Norway, Vatican,
and... any others?), you travel between countries without even waving
your passport at anybody.
Javier Fernández-Sanguino Peña wrote:
On Thu, May 25, 2006 at 05:30:23PM +0200, Luca Capello wrote:
FYI, Martin's explanation is at [1], which passed on Planet Debian.
Thx, bye,
Gismo / Luca
[1] http://blog.madduck.net/geek/2006.05.24-tr-id-at-keysigning
FWIW, I noted down those
On 26 May 2006, Christian Pernegger told this:
Stop signing keys for Debian developers, since purchased ID's are
acceptable in this community? ;)
There's a difference between 'purchase' and 'pay for' in this
context. I have always had to pay for any kind of ID card, be it
passport,
On Fri, May 26, 2006 at 03:09:04PM +0200, Filippo Giunchedi wrote:
On Thu, May 25, 2006 at 08:00:23PM +0200, Javier Fernández-Sanguino Peña
wrote:
FWIW, I noted down those keys I would *not* sign and didn't tell the people
at the KSP that I would not sign them. I guess his experiment only
On Fri, May 26, 2006 at 05:20:59PM -0500, Ron Johnson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Javier Fernández-Sanguino Peña wrote:
On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:
On Thursday 25 May 2006 15:26, Mike Hommey wrote:
[snip]
[0] As long as he
On Sat, May 27, 2006 at 04:04:33PM +0200, Moritz Muehlenhoff wrote:
That being said I (personally) already decided not to sign people that
showed
me something that was *not* a passport and noted that in my KSP paper page
through it. Unfortunately, I'm not confindent in my ability to
On Fri, May 26, 2006 at 04:54:19PM +0200, Javier Fernández-Sanguino Peña wrote:
[snip]
Also worth noting that Spanish driving license IDs are on that group. They
are just (pink) cardboard with your name written in with a typewriter and
your picture *stapled* to it. I believe that has changed
Steve Langasek [EMAIL PROTECTED] writes:
What do you think we get by having the signed ID? What advantages
accrue to Debian by having this check that someone's real name is what
we think it is?
I think it's a good thing, I agree with our practice, but I'm not sure
what vast security hole
Paul Johnson [EMAIL PROTECTED] writes:
I would be more inclined to do that to the people who signed his key
based on the Transnational Republic ID.
So, who are those people? Is Manoj one of them?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble?
On Fri, May 26, 2006 at 04:54:19PM +0200, Javier Fernández-Sanguino Peña wrote:
On Thu, May 25, 2006 at 05:45:42PM -0700, Paul Johnson wrote:
On Thursday 25 May 2006 15:26, Mike Hommey wrote:
I'm pretty sure we can find official IDs that look so lame that you'd think
it's a fake
Also worth
On Fri, May 26, 2006 at 12:33:54PM -0500, Gunnar Wolf wrote:
Within the Schengen area (European Union plus Norway, Vatican,
and... any others?), you travel between countries without even
waving your passport at anybody.
Yes, but that's because the Schengen area is one area in this. You
still
On Sat, May 27, 2006 at 04:07:22PM +0200, Martijn van Oosterhout wrote:
The obvious example is the UK, which insists on checking your
passport if you come from the mainland.
The www.britishembassy.gov.uk website suggests EEA nationals need only
an ID card.
--
Lionel
--
To UNSUBSCRIBE,
Manoj Srivastava dijo [Sat, May 27, 2006 at 09:38:00AM -0500]:
Only if we take the word of someone who was trying to subvert
the keysigning to belavour the obvious that it is easy to get people
to sign using purchased ID's. How do you know the claim about the
check was not another
On 27 May 2006, Gunnar Wolf verbalised:
Manoj Srivastava dijo [Sat, May 27, 2006 at 09:38:00AM -0500]:
Only if we take the word of someone who was trying to subvert the
keysigning to belavour the obvious that it is easy to get people to
sign using purchased ID's. How do you know the claim
Paul Johnson [EMAIL PROTECTED] writes:
On Friday 26 May 2006 18:34, Russ Allbery wrote:
You can get a passport.
Yeah, if I really want to give a country I don't really have much of any
allegence to, and consider foreign, my money and wait around for a few
months. I'm Oregonian, not
On Saturday 27 May 2006 06:17, Jacob S wrote:
Oregon abolished the voting booth in 2000: Election Day is
actually the last election day of six consecutive weeks we can vote
(beat that and your wussy six hours, America!), and we vote at home.
You have your option of mailing or handing in
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
Oregon abolished the voting booth in 2000
Oh, so they get better counts and less fraud by doing away with ballot
secrecy. How wonderful.
No, that's not how it works, your ballot is still secret. Think about it for
a minute. You
On Sat, May 27, 2006 at 05:28:35PM +0200, Filippo Giunchedi wrote:
Is there a list of official documents (with photos) that we can consider
acceptable for a KSP?. If there's not we definitely need one.
However this is rather tricky because the list itself should be authenticated
somehow, with
On Saturday 27 May 2006 13:41, Russ Allbery wrote:
Paul Johnson [EMAIL PROTECTED] writes:
On Friday 26 May 2006 18:34, Russ Allbery wrote:
You can get a passport.
Yeah, if I really want to give a country I don't really have much of any
allegence to, and consider foreign, my money and
On Saturday 27 May 2006 10:19, Thomas Bushnell BSG wrote:
Paul Johnson [EMAIL PROTECTED] writes:
I would be more inclined to do that to the people who signed his key
based on the Transnational Republic ID.
So, who are those people? Is Manoj one of them?
Martin has yet to name names.
--
Dear Manoj, dear fellow DDs,
I guess I could have known that this experiment of mine would turn
into a huge thread, unfortunately extending across two mailing
lists. Thus, it is surely in order for me to apologise for being the
cause that your inboxes filled up.
I have said most of what I wanted
On Sat, May 27, 2006 at 10:19:57AM -0700, Thomas Bushnell BSG wrote:
Paul Johnson [EMAIL PROTECTED] writes:
I would be more inclined to do that to the people who signed his key
based on the Transnational Republic ID.
So, who are those people? Is Manoj one of them?
It seems that I am
And, to the people who have trouble distinguishing between
paying for a passport and purchasing an ID, while I have had to pay
for all my official identity documents, merely paying would not have
got me one -- there were background checks,
There were none at all in my case, as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Johnson wrote:
On Friday 26 May 2006 15:27, Ron Johnson wrote:
Paul Johnson wrote:
On Thursday 25 May 2006 08:30, Manoj Srivastava wrote:
Given time, one can pay more attention to each document (I require at
least two photo ID's issued by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Johnson wrote:
On Friday 26 May 2006 18:34, Russ Allbery wrote:
Paul Johnson [EMAIL PROTECTED] writes:
On Thursday 25 May 2006 08:30, Manoj Srivastava wrote:
Given time, one can pay more attention to each document (I require at
least two
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
Oregon abolished the voting booth in 2000
Oh, so they get better counts and less fraud by doing away with ballot
secrecy. How wonderful.
No, that's not how it
Lionel Elie Mamane wrote:
On Sat, May 27, 2006 at 04:07:22PM +0200, Martijn van Oosterhout wrote:
The obvious example is the UK, which insists on checking your
passport if you come from the mainland.
Passport or ID Card, that is.
The www.britishembassy.gov.uk website suggests EEA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Johnson wrote:
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
Oregon abolished the voting booth in 2000
Oh, so they get better counts and less fraud by doing away with
On Saturday 27 May 2006 15:28, Ron Johnson wrote:
Paul Johnson wrote:
On Friday 26 May 2006 15:27, Ron Johnson wrote:
Paul Johnson wrote:
On Thursday 25 May 2006 08:30, Manoj Srivastava wrote:
Given time, one can pay more attention to each document (I require at
least two photo ID's
On Saturday 27 May 2006 15:32, Ron Johnson wrote:
Paul Johnson wrote:
On Friday 26 May 2006 18:34, Russ Allbery wrote:
Paul Johnson [EMAIL PROTECTED] writes:
On Thursday 25 May 2006 08:30, Manoj Srivastava wrote:
Given time, one can pay more attention to each document (I require at
On Sat, May 27, 2006 at 03:41:58PM -0700, Paul Johnson wrote:
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
Oregon abolished the voting booth in 2000
Oh, so they get better counts and less fraud by doing away with
On Saturday 27 May 2006 16:12, Ron Johnson wrote:
Paul Johnson wrote:
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
Oregon abolished the voting booth in 2000
Oh, so they get better counts and less fraud by doing
Paul Johnson [EMAIL PROTECTED] writes:
The vote at champoeg was when the Oregon Territory voted to become
Canadian. We're on the south side of the border exclusively due to
the threat of military force when the US couldn't handle the fact
that we don't want them here the first time around.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Johnson wrote:
On Saturday 27 May 2006 16:12, Ron Johnson wrote:
Paul Johnson wrote:
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
Oregon abolished the voting booth
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Steve Langasek wrote:
On Sat, May 27, 2006 at 03:41:58PM -0700, Paul Johnson wrote:
On Saturday 27 May 2006 14:12, Steinar H. Gunderson wrote:
On Sat, May 27, 2006 at 01:54:03PM -0700, Paul Johnson wrote:
Oregon abolished the voting booth in 2000
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Johnson wrote:
On Saturday 27 May 2006 15:28, Ron Johnson wrote:
Paul Johnson wrote:
On Friday 26 May 2006 15:27, Ron Johnson wrote:
Paul Johnson wrote:
On Thursday 25 May 2006 08:30, Manoj Srivastava wrote:
Given time, one can pay more
Steve Langasek dijo [Sat, May 27, 2006 at 02:12:48PM -0700]:
On Sat, May 27, 2006 at 05:28:35PM +0200, Filippo Giunchedi wrote:
Is there a list of official documents (with photos) that we can consider
acceptable for a KSP?. If there's not we definitely need one.
However this is rather
On Saturday 27 May 2006 16:49, Thomas Bushnell BSG wrote:
Paul Johnson [EMAIL PROTECTED] writes:
The vote at champoeg was when the Oregon Territory voted to become
Canadian. We're on the south side of the border exclusively due to
the threat of military force when the US couldn't handle
On 25 May 2006, Stephen Frost verbalised:
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:
Explanation? What we have here is an act of bad faith, in the guise
of demonstrating a weakness. In my experience, one act of bad faith
often leads to others.
pffft. This is taking it to an extreme. He
On 25 May 2006, Gunnar Wolf said:
Manoj Srivastava dijo [Thu, May 25, 2006 at 02:36:37AM -0500]:
Hi,
It has come to my attention that Martin Kraff used an unofficial,
and easily forge-able, identity device at a large key signing party
recently. This was apparently to belabour the obvious
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:
On 25 May 2006, Stephen Frost spake thusly:
I wasn't making any claim as to the general validity of IDs which
are purchased and I'm rather annoyed that you attempted to
extrapolate it out to such. What I said is that he wasn't trying to
fake
Hello!
/me playing the devil's advocate instead of Enrico...
On Fri, 26 May 2006 08:32:43 +0200, David Moreno Garza wrote:
As an additional bit of security, I asked some people to show their
visa, issued by the Mexican government, or check the Mexican seal
they got on their point of entrance
Le jeudi 25 mai 2006 à 02:36 -0500, Manoj Srivastava a écrit :
It has come to my attention that Martin Kraff used an
unofficial, and easily forge-able, identity device at a large key
signing party recently.
FWIW, I'm pretty sure Martin presented me an official German ID card.
But
My memory is horrible, but IIRC James Troup (ie, our keymaster..) did
some similar study at the DebConf5 KSP and ended up with a list of
people whose GPG signtures he didn't trust anymore because of whatever
trick they fell for.
This thread seems entirely blown out of porportion.
--
see shy jo
Enrico Zini wrote:
However, from the book you don't get the address of madduck's home,
which is what you want when you have to go and drag him to jail if he
willingly uploads some malicious code.
None of my ID documents tell you my address either. Is there any reason
why they should?
This
On Thu, May 25, 2006 at 04:08:31PM -0400, Stephen Frost wrote:
He didn't try to dupe people and this claim is getting rather old.
Duping people would have actually been putting false information on the
ID and generating a fake key and trying to get someone to sign off on
the fake key based on
On 25 May 2006, Andreas Tille spake thusly:
On Thu, 25 May 2006, Manoj Srivastava wrote:
It has come to my attention that Martin Kraff used an
unofficial, and easily forge-able, identity device at a large key
Is there any reason to revoke my signature I have put on
Martin's key after he
On Thu, 25 May 2006, Enrico Zini wrote:
This prompts me that we should probably be taking trusted notes of birth
dates and birth places, because it's hard to physically trace one person
down just given his or her name.
At this point, it would be best to have all DDs actually enter into legally
On Thu, May 25, 2006 at 02:12:25PM -0500, Manoj Srivastava wrote:
On 25 May 2006, Stephen Frost spake thusly:
pffft. This is taking it to an extreme. He wasn't trying to fake
who he was, it just wasn't an ID issued by a generally recognized
government (or perhaps not a government at all,
On Thu, May 25, 2006 at 02:12:25PM -0500, Manoj Srivastava wrote:
He has already bragged about how he cracked the KSP by
presenting an unofficial ID which he bought -- an action designed to
show the weakness of signing parties. So, this was a bad faith act,
since the action was not
* Joey Hess ([EMAIL PROTECTED]) [060526 10:17]:
My memory is horrible, but IIRC James Troup (ie, our keymaster..) did
some similar study at the DebConf5 KSP and ended up with a list of
people whose GPG signtures he didn't trust anymore because of whatever
trick they fell for.
I know that
On Thursday 25 May 2006 15:26, Mike Hommey wrote:
On Thu, May 25, 2006 at 04:16:24PM -0500, Manoj Srivastava
[EMAIL PROTECTED] wrote:
The KSP was cracked, People signed a key without ever looking
at proper, official ID. You can try and save face by calling it
whatever you want,
Manoj Srivastava [EMAIL PROTECTED] writes:
It has come to my attention that Martin Kraff used an
unofficial, and easily forge-able, identity device at a large key
signing party recently. This was apparently to belabour the obvious
point that large KSP's are events where it is hard
James Troup wrote:
My key was part of the DC4 KSP materials, but I didn't manage to
attend in the end. A couple of people signed my key despite my lack
of attendance and one of them an NM applicant, IIRC. Again from
memory, Martin talked to the NM in question who was very apologetic,
Manoj Srivastava wrote:
Hi,
It has come to my attention that Martin Kraff used an
unofficial, and easily forge-able, identity device at a large key
signing party recently. This was apparently to belabour the obvious
point that large KSP's are events where it is hard to
Manoj Srivastava wrote:
On 25 May 2006, Stephen Frost verbalised:
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:
Explanation? What we have here is an act of bad faith, in the guise
of demonstrating a weakness. In my experience, one act of bad faith
often leads to others.
pffft. This
Manoj Srivastava [EMAIL PROTECTED] writes:
Actually, passports are not really an answer (I have no idea
what the passport of cameroon looke like, for example). Given time,
one can pay more attention to each document (I require at least two
photo ID's issued by the government).
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Enrico Zini wrote:
On Thu, May 25, 2006 at 09:42:07AM -0500, Gunnar Wolf wrote:
[snip]
People write books in the name of someone else fairly often, actually.
No, I'm not only thinking about the Bible :)
There's professional book writers who
Gunnar Wolf wrote:
Maybe we should just drop holding KSPs, and fall back to the
traditional method of Hey, nice dinner we had yesterday. Say, now
that you know me, my family and my history, would you like to sign my
key as well? - Signing for people you actually know, not just linking
faces
* Manoj Srivastava:
I will not be signing his keys, ever, based on this action of
what I consider to be bad faith. Based on discussion with other
people who seem to find this action amusing, but not unacceptable, I
find that my decision to vaive my personal requirements of two
Javier Fernández-Sanguino Peña wrote:
and not showing any passports or showing passports:
[...]
- which did not had the *same* spelling as the name in the key (letter by
letter)
will not get a signature from me.
While you're obviously free to set your own standards as to whose keys
Manoj Srivastava [EMAIL PROTECTED] wrote:
On 25 May 2006, Stephen Frost verbalised:
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:
Explanation? What we have here is an act of bad faith, in the guise
of demonstrating a weakness. In my experience, one act of bad faith
often leads to others.
On Thu, May 25, 2006 at 04:30:07PM -0500, Manoj Srivastava wrote:
On 25 May 2006, Andreas Tille spake thusly:
Is there any reason to revoke my signature I have put on
Martin's key after he showed me his passport?
In my opinion, yes, if you consider subverting the KSP like
that
Manoj Srivastava wrote:
On 25 May 2006, Andreas Tille spake thusly:
On Thu, 25 May 2006, Manoj Srivastava wrote:
It has come to my attention that Martin Kraff used an
unofficial, and easily forge-able, identity device at a large key
Is there any reason to revoke my signature I have
On Thu, May 25, 2006 at 10:11:55PM -0400, Travis Crump wrote:
Who actually has two forms of government issued picture ID[not counting
a passport which I never take anywhere unless I really need to since it
is really bad to lose it and doesn't fit in a wallet, not to mention my
passport photo
On Thu, 2006-05-25 at 16:16 -0500, Manoj Srivastava wrote:
On 25 May 2006, Stephen Frost spake thusly:
* Manoj Srivastava ([EMAIL PROTECTED]) wrote:
On 25 May 2006, Stephen Frost spake thusly:
I wasn't making any claim as to the general validity of IDs which
are purchased and I'm rather
Travis Crump [EMAIL PROTECTED] writes:
Who actually has two forms of government issued picture ID[not counting
a passport which I never take anywhere unless I really need to since it
is really bad to lose it and doesn't fit in a wallet, not to mention my
passport photo isn't a very good
1 - 100 of 164 matches
Mail list logo
