incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Noah Slater <nsla...@tumbolia.org>
Subject Re: key signing
Date Wed, 10 Oct 2012 21:16:54 GMT
I've said it already in this thread, but I will say it one last time before
I drop it. Archiving video provides zero benefits, beyond the human to
human connection of seeing what somebody looks like. It provides no way to
establish identity or ownership of email/keys that email does not already
provide. Or perhaps email with a photograph of me included?

On Wed, Oct 10, 2012 at 5:04 PM, Marvin Humphrey <marvin@rectangular.com>wrote:

> On Wed, Oct 10, 2012 at 8:11 AM, Florian Holeczek <florian@holeczek.de>
> wrote:
> > However, what would now be totally wrong IMO is, that some guys in the
> ASF
> > redefine these rules in order to make the process of release signing more
> > simple. In the WoT big picture, this would automatically mean that every
> key
> > that is signed based on these weak rules would have to be marked as
> > marginally trusted (if at all) by people who want to really follow the
> > PGP/GPG WoT concept.
>
> In my opinion, we have sufficient expertise here at the ASF to devise an
> authentication protocol whose reliability exceeds that of individuals
> participating unsupervised in a web of trust, particularly if the protocol
> were to incorporate archived video and auditing by a PMC.
>
> That said, persuading others that no corners are being cut may be a more
> daunting challenge. :P
>
> Marvin Humphrey
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>


-- 
NS

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message