testing my pgp/introducing myself
Patrick W. Barnes
nman64 at n-man.com
Fri May 5 08:27:54 UTC 2006
On Thursday 04 May 2006 21:59, Karsten Wade <kwade at redhat.com> wrote:
>
> Missed opportunity at the last FUDCon for a keysigning. Why don't we
> care about those anymore? Don't we need a strong web of trust for
> Fedora keys to mean anything themselves?
>
> Is there any way we can do keysigning parties not in person? For
> example ...
>
> Okay, I started to write out a process that included pictures of
> ourselves signed and encrypted and verified ... and it was crazier than
> ever.
>
> Anyone want to start a Fedora Keys SIG that works to get _everyone_ to
> pause for a keysigning wherever two Fedorans meet in the meat?
>
Others may have a different view, but I don't see meeting in person as a
requirement for trust among Fedora contributors. The real purpose of
requiring face-to-face contact is to allow identities to be verified. Since
we are identified to each other by our contributions, we have less of a need
to attach a GPG key to a face and more need to attach a GPG key to a
contributor identity. This can be accomplished through regular usage of
keys. For example, since I always sign my messages, and you can be
reasonably sure of my contributor identity, you can infer that it is safe to
trust the key that I regularly sign with. It would be just as easy for
someone to show up at a FUDCon with an ID card that has my name on it and
claim to be me for the sake of getting their key signed, and that's why
face-to-face keysigning parties aren't as useful for Fedora contributors.
--
Patrick "The N-Man" Barnes
nman64 at n-man.com
http://www.n-man.com/
LinkedIn:
http://www.linkedin.com/in/nman64
Have I been helpful? Rate my assistance!
http://rate.affero.net/nman64/
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-docs-list/attachments/20060505/f35f0a41/attachment.sig>
More information about the fedora-docs-list
mailing list