Return-Path: 
 <general-return-37995-apmail-incubator-general-archive=incubator.apache.org@incubator.apache.org>
X-Original-To: apmail-incubator-general-archive@www.apache.org
Delivered-To: apmail-incubator-general-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 03E0EDAC9
	for <apmail-incubator-general-archive@www.apache.org>;
 Tue, 16 Oct 2012 14:11:22 +0000 (UTC)
Received: (qmail 66232 invoked by uid 500); 16 Oct 2012 14:11:21 -0000
Delivered-To: apmail-incubator-general-archive@incubator.apache.org
Received: (qmail 66019 invoked by uid 500); 16 Oct 2012 14:11:20 -0000
Mailing-List: contact general-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:general-help@incubator.apache.org>
List-Unsubscribe: <mailto:general-unsubscribe@incubator.apache.org>
List-Post: <mailto:general@incubator.apache.org>
List-Id: <general.incubator.apache.org>
Reply-To: general@incubator.apache.org
Delivered-To: mailing list general@incubator.apache.org
Received: (qmail 65986 invoked by uid 99); 16 Oct 2012 14:11:20 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 16 Oct 2012 14:11:20 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_IMAGE_ONLY_32,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of nslater@tumbolia.org
 designates 209.85.210.175 as permitted sender)
Received: from [209.85.210.175] (HELO mail-ia0-f175.google.com)
 (209.85.210.175)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 16 Oct 2012 14:11:14 +0000
Received: by mail-ia0-f175.google.com with SMTP id b35so4548216iac.6
        for <general@incubator.apache.org>;
 Tue, 16 Oct 2012 07:10:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=tumbolia.org; s=google;
        h=mime-version:x-originating-ip:in-reply-to:references:date
         :message-id:subject:from:to:content-type;
        bh=i3jV9mm1Ot1O9H92ujr/okQGXPsBN8QZFOr6TeIfUOY=;
        b=aKURrQnDt3Pzoytdn+E7qMHOQyOvOeBE2qrlAlPwBKbrZOzllL4Eik8lJFBMaWs0ep
         2290CoAnLmpv46ZM2EKkPvJ+80xzjTkzatbg4O0Tw0Yd1m7usVa3p1mLib2bQxEOB2I1
         6wKR/OhEIAtZfSIAmbB0UcsethAXfvFxOMrso=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113;
        h=mime-version:x-originating-ip:in-reply-to:references:date
         :message-id:subject:from:to:content-type:x-gm-message-state;
        bh=i3jV9mm1Ot1O9H92ujr/okQGXPsBN8QZFOr6TeIfUOY=;
        b=Ta1/lGNSYwMzs0k4kk/ufHr9DMzea5vxQth5SKVKhZoU/1v5WG5cIIEqqGhszAOd11
         IX7P8dSJxvP9F+HlQN8PGy+6khzEs5KpIGSCw4Ab9jDDZc+LzJ2S/eC/vyzUfm3dsSOz
         Y8HsT1XlU70omZfgk9t3n1hnO3qwUqSnfGj3mOMlT/yfyufUjXKIWw0B0BnikXdCkRFW
         3yr/vqUmujxe+9YF3CYFxZ5ao+4+R9mDrla9u8TFZKxB+Qgv0g/vdIKCq2EUjyY8THWy
         KyZaFHnFOoUHZNDIGs2JaTu3M4WVs8/ztwKp2LXPD97fMNhVlwy+iOgdsYRJTpx4XDn0
         dhOQ==
MIME-Version: 1.0
Received: by 10.50.178.106 with SMTP id cx10mr12254557igc.24.1350396653893;
 Tue, 16 Oct 2012 07:10:53 -0700 (PDT)
Received: by 10.64.63.19 with HTTP; Tue, 16 Oct 2012 07:10:53 -0700 (PDT)
X-Originating-IP: [178.250.115.206]
In-Reply-To: 
 <CALhtWkesFMhkATDcpOVoSpeGZ0+W+u9wt+DiVbTp4MUDda2N3A@mail.gmail.com>
References: 
 <CALhtWkesFMhkATDcpOVoSpeGZ0+W+u9wt+DiVbTp4MUDda2N3A@mail.gmail.com>
Date: Tue, 16 Oct 2012 15:10:53 +0100
Message-ID: 
 <CA+Y+4458A7yyEmQT6NObsUG-5U9jonhCmL8uXBDBVGso1WtWog@mail.gmail.com>
Subject: Re: key signing
From: Noah Slater <nslater@tumbolia.org>
To: general@incubator.apache.org
Content-Type: multipart/alternative; boundary=e89a8f5036c8dc785904cc2db89e
X-Gm-Message-State: 
 ALoCoQmg0iNDbogSp9Tfma+uloxcAFW3J0YXLG53v5EPpdoRDrPjdd/Sa3iFMCSzoVCUU40HkjO8
X-Virus-Checked: Checked by ClamAV on apache.org

--e89a8f5036c8dc785904cc2db89e
Content-Type: text/plain; charset=ISO-8859-1

It had to be done, given this thread's epic proportions... ;)

[image: Identity]

http://xkcd.com/1121/

On Fri, Oct 5, 2012 at 1:04 PM, Benson Margulies <bimargulies@gmail.com>wrote:

> I'm offering this discussion here, but it might need to go elsewhere
> if it goes anywhere at all.
>
> It seems to me that the there is a gap in the incubation process, and
> I don't know how to fill it.
>
> As far as I can see, we don't do anything to facilitate or encourage
> getting PGP keys signed. We tell people to create a key and put it in
> the SVN 'keys' file.
>
> Key signing strikes me as a bit of a conundrum for us. In all other
> respects, we emphasize that anyone, anywhere, in any time zone, can be
> a full member of a community. However, key signing requires something
> else. [1] Generally, it requires a face-to-face interaction.
>
> It is perhaps interesting to note that the foundation accepts CLAs as
> legally binding without any face-to-face identity verification. If you
> send in a CLA with a signature, we believe it, and we believe that the
> email address you provide is, in fact, controlled by the legal person
> who signed the form.
>
> I wonder, then, if secretary@ should be willing to sign a key.
> Alternatively, since the chain is CLA -> svn access -> unsigned key in
> svn, perhaps all we really need is to document that a signature
> corresponding to a key in svn is really good enough, and users need
> not be concerned further.
>
>
>
> [1]: http://httpd.apache.org/dev/verification.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>


-- 
NS

--e89a8f5036c8dc785904cc2db89e--