Re: Unit 193: Declaration of intent
Holger Levsen said [Tue, Jul 26, 2016 at 01:58:49AM +]:
> > But, again, find two DDs with active keys in the keyring with personal
> > policies different than mine, and I will accept it. Hell, I won't even
> > be able to know about it :)
>
> while I appreciate that you accept keys signed with other policies than
> yours, I don't think keyring maintainers should be willing to accept
> *all* signatures done by DDs.
>
> (And I do see the problem that you cannot know everything…)

Ack

> But still, if you *hear* some signatures have been done under fishy
> circumstances, I *do* think you should object.
>
> Else I^wsomeones may be tempted to try to game the system…
>
> IOW: please don't state you'd be willing to accept *any* signatures done
> by two DDs… maybe just adding a single word and saying "you'd *almost* be
> willing…" is enough to make the difference I think is important here.
>
> I fully understand your POV but if I were to take a similar stance,
> namely "I will sign any key presented under any ID to me, because I have
> no means whatsoever to properly verify IDs anyway" and if there then
> were several DDs with that policy… I don't think that would be good. And
> it would be worse if our keyring maintainers were to accept those IDs
> into Debian.

Just for the record: I agree with Holger here. We expect every Debian
Project Member to be a responsible user of their key, and that includes
not blindly signing anybody's key.

We do not currently have a policy on what to do in the event somebody is
known to misuse the trust model we work with, but I think that a key used
improperly could very well be treated as if it had been compromised, and
removed from the keyring (as happened many years ago, when many people
were storing their .gnupg/secring.gpg in project machines).

In short: The system can be gamed. We assume good will and best
intentions from Debian people. Bad intentions will be punished.
Re: Unit 193: Declaration of intent
On Mon, Jul 25, 2016 at 11:46:45AM -0500, Gunnar Wolf wrote:
> [...] Signing an identity must
> mean that you verified the identity in a nontrivial way. Signing
> somebody you have not directly interacted with at all is wrong in my
> eyes.

I agree.

> But, again, find two DDs with active keys in the keyring with personal
> policies different than mine, and I will accept it. Hell, I won't even
> be able to know about it :)

while I appreciate that you accept keys signed with other policies than
yours, I don't think keyring maintainers should be willing to accept
*all* signatures done by DDs.

(And I do see the problem that you cannot know everything…)

But still, if you *hear* some signatures have been done under fishy
circumstances, I *do* think you should object.

Else I^wsomeones may be tempted to try to game the system…

IOW: please don't state you'd be willing to accept *any* signatures done
by two DDs… maybe just adding a single word and saying "you'd *almost* be
willing…" is enough to make the difference I think is important here.

I fully understand your POV but if I were to take a similar stance,
namely "I will sign any key presented under any ID to me, because I have
no means whatsoever to properly verify IDs anyway" and if there then
were several DDs with that policy… I don't think that would be good. And
it would be worse if our keyring maintainers were to accept those IDs
into Debian.

--
cheers,
Holger, with no clear signing policy… (I mostly only sign keys from
people I know offline+online, but I do make frequent exceptions from
that… and what means knowing a person anyway…)
Re: Unit 193: Declaration of intent
Christian Kastner said [Wed, Jul 13, 2016 at 07:45:36PM +0200]:
> On 2016-07-13 10:16, Filippo Rusconi wrote:
> > To the community : Should we accept pure pseudo "identifications" in
> > Debian ?
>
> Personally, I wouldn't care about the pseudonym, but I would very much
> care about an in-person meeting.
>
> There was a longer thread about this on -project last year:
>
> https://lists.debian.org/debian-project/2015/02/msg00017.html

Absolutely. But signing somebody's ID is done out of personal policy. I
always make clear to people how my personal signing policy differs from
some other people's (and why I am sometimes flexible upon what I say, if
the reality pushes that way). Signing an identity must mean that you
verified the identity in a nontrivial way. Signing somebody you have not
directly interacted with at all is wrong in my eyes.

But, again, find two DDs with active keys in the keyring with personal
policies different than mine, and I will accept it. Hell, I won't even
be able to know about it :)