Christian Kastner said [Thu, Feb 12, 2015 at 10:30:16PM +0100]:
In my opinion, exactly the same applies for someone you've met. I think
it's a lot easier to get a forged id than to establish a history of
valuable contributions.
Well, it depends. A forged passport[1], if one even knows
On Fri, 2015-02-13 at 15:14 +, Ian Jackson wrote:
There are organisations with plenty of money, who would perhaps like
to infiltrate us, but for whom risk of exposure is the biggest cost of
trying.
Which organisations would that be?
It is the NSA, who was caught red-handed installing gear
On 2015-02-15 11:55, Russell Stuart wrote:
On Fri, 2015-02-13 at 15:14 +, Ian Jackson wrote:
There are organisations with plenty of money, who would perhaps like
to infiltrate us, but for whom risk of exposure is the biggest cost of
trying.
Which organisations would that be?
It is
Hi Ian and All,
On Fri, 2015-02-13 at 15:14 +, Ian Jackson wrote:
Sending a warm body to turn up at a conference is much riskier. Even
if the person just turns up at the KSP, and engages in no small talk
with anyone, their photo might be taken; they might be `made' by
suspicious
Russ Allbery writes (Re: Why are in-person meetings required for the debian
keyring?):
I think the point is that so could the person who showed up at DebConf.
Once you start postulating a sufficiently motivated attacker that they
would be willing to take the time to establish a contribution
Sam Hartman wrote:
However, I also think it's desirable that we have some probability of
being able to engage a legal process if we needed to. [...]
That's something we should not stand for, and being able to respond to
that sort of thing in the legal system does have to do with a binding to
On 2015-02-13 13:38, Tollef Fog Heen wrote:
There are certainly possible attacks here, but do we realistically think
we're going to protect ourselves against a competent attacker willing to
put 3-6-12 months of full-time effort into becoming a DD and getting
access?
Probably not. But does
On 2015-02-11 20:17, Nikolaus Rath wrote:
Following that argument, I think a key should be signed and included in
the Debian keyring if it (the key) has a history of high quality
contributions. Meeting the keyholder in person to look at his passport
doesn't seem to add anything of particular
On Fri, Feb 13, 2015 at 09:19:29AM +1000, Russell Stuart wrote:
On Thu, 2015-02-12 at 10:57 -0800, Steve Langasek wrote:
I'm surprised no one else has brought up this point yet: part of the reason
for using cryptographic PKI (web of trust; SSL CAs; etc) is to eliminate
man-in-the-middle
On Fri, 2015-02-13 at 16:16 -0800, Steve Langasek wrote:
On Fri, Feb 13, 2015 at 09:19:29AM +1000, Russell Stuart wrote:
On Thu, 2015-02-12 at 10:57 -0800, Steve Langasek wrote:
I'm surprised no one else has brought up this point yet: part of the
reason
for using cryptographic PKI
Sam Hartman hartm...@debian.org writes:
Nikolaus == Nikolaus Rath nikol...@rath.org writes:
Nikolaus However, it seems to me that meeting someone in person
Nikolaus isn't actually verifying the relevant identity here. My
Nikolaus trust in a Debian developer is not based on him
Steve Langasek vor...@debian.org writes:
On Wed, Feb 11, 2015 at 11:17:44AM -0800, Nikolaus Rath wrote:
I'm a little confused about the need to meet in-person to get a
signature that's acceptable for the Debian keyring.
I believe that Debian packages are signed on upload to ensure that they
On Wed, Feb 11, 2015 at 11:17:44AM -0800, Nikolaus Rath wrote:
I'm a little confused about the need to meet in-person to get a
signature that's acceptable for the Debian keyring.
I believe that Debian packages are signed on upload to ensure that they
have been prepared by a Debian Developer,
On 2015-02-12 18:20, Nikolaus Rath wrote:
Christian Kastner deb...@kvr.at writes:
I highly disagree. Contributing to Debian for 5 years alone is well
within the means and patience of various organizations with potentially
malicious intentions.
Does that mean you're individually verifying
* Philip Hands p...@hands.com [2015-02-12 08:15:55 CET]:
Russell Stuart russell-deb...@stuart.id.au writes:
On Wed, 2015-02-11 at 11:17 -0800, Nikolaus Rath wrote:
If it is indeed trying to do that, it fails miserably. A DD signing a
key doesn't imply he is saying he is worthy of
Christian Kastner deb...@kvr.at writes:
And I maintain that those people cannot be trusted with unrestricted
upload rights to the archive. That person-noone-has-ever-met but
occasionally-prepares-and-uploads-packages could just be a well
motivated person (or a group of people -- who knows?)
Russell Stuart russell-deb...@stuart.id.au writes:
On Thu, 2015-02-12 at 07:15 +, Philip Hands wrote:
You've managed to spectacularly miss my point.
If one insists on face-to-face meetings, there is a moderate chance that
someone is going to notice that the same person is attempting to
Christian Kastner deb...@kvr.at writes:
On 2015-02-11 20:17, Nikolaus Rath wrote:
In other words: just because I'm sure about someone's
legal name, I wouldn't trust him to run code on my computer. But if
someone has been contributing to Debian for 5 years with a specific GPG
key, I'd probably
On Thu, 2015-02-12 at 07:15 +, Philip Hands wrote:
You've managed to spectacularly miss my point.
If one insists on face-to-face meetings, there is a moderate chance that
someone is going to notice that the same person is attempting to create
a new persona in order to gain a reentry that
On 2015-02-12 22:49, Nikolaus Rath wrote:
Christian Kastner deb...@kvr.at writes:
I of course agree with the first part, but I have to disagree with the
last sentence: I think it does increase the risk for the attacker.
Because even if the ID is fake, I still have seen a person, and a face,
I
Christian Kastner deb...@kvr.at writes:
On 2015-02-12 21:11, Russ Allbery wrote:
Christian Kastner deb...@kvr.at writes:
And I maintain that those people cannot be trusted with unrestricted
upload rights to the archive. That person-noone-has-ever-met but
On 2015-02-12 21:29, Nikolaus Rath wrote:
In my opinion, exactly the same applies for someone you've met. I think
it's a lot easier to get a forged id than to establish a history of
valuable contributions.
Well, it depends. A forged passport[1], if one even knows where to get
it, will cost you
On 2015-02-12 21:11, Russ Allbery wrote:
Christian Kastner deb...@kvr.at writes:
And I maintain that those people cannot be trusted with unrestricted
upload rights to the archive. That person-noone-has-ever-met but
occasionally-prepares-and-uploads-packages could just be a well
motivated
Nikolaus Rath nikol...@rath.org writes:
I think that's a pretty weak argument. Even if you assume that a
theoretical perpetrator originally joined Debian with good intentions
(i.e., without using a faked id in the first place), and that you are
actually able to sue in the relevant country,
On 2015-02-12 22:30, Christian Kastner wrote:
Then again, in the latter case, I find it hard to believe that someone
so dedicated to Debian would not at some point run into a fellow Debian
Developer would cound verify the credentials
would be able to
Sorry
On Thu, 2015-02-12 at 10:57 -0800, Steve Langasek wrote:
I'm surprised no one else has brought up this point yet: part of the reason
for using cryptographic PKI (web of trust; SSL CAs; etc) is to eliminate
man-in-the-middle attacks.
Ah, but you see that is one of the beauties of proof of work.
Christian Kastner deb...@kvr.at writes:
On 2015-02-12 18:20, Nikolaus Rath wrote:
Christian Kastner deb...@kvr.at writes:
On 2015-02-11 20:17, Nikolaus Rath wrote:
In other words: just because I'm sure about someone's
legal name, I wouldn't trust him to run code on my computer. But if
Nikolaus == Nikolaus Rath nikol...@rath.org writes:
Nikolaus However, it seems to me that meeting someone in person
Nikolaus isn't actually verifying the relevant identity here. My
Nikolaus trust in a Debian developer is not based on him holding a
Nikolaus particular legal name,
❦ 11 February 2015 11:17 -0800, Nikolaus Rath nikol...@rath.org :
However, it seems to me that meeting someone in person isn't actually
verifying the relevant identity here. My trust in a Debian developer is
not based on him holding a particular legal name, it is in his history
of
Hello,
I'm a little confused about the need to meet in-person to get a
signature that's acceptable for the Debian keyring.
I believe that Debian packages are signed on upload to ensure that they
have been prepared by a Debian Developer, because Debian Developers are
assumed to be trustworthy.
Nikolaus Rath nikol...@rath.org writes:
...
Following that argument, I think a key should be signed and included in
the Debian keyring if it (the key) has a history of high quality
contributions. Meeting the keyholder in person to look at his passport
doesn't seem to add anything of particular
On Wed, Feb 11, 2015 at 08:36:54PM +, Philip Hands wrote:
Nikolaus Rath nikol...@rath.org writes:
...
Following that argument, I think a key should be signed and included in
the Debian keyring if it (the key) has a history of high quality
contributions. Meeting the keyholder in person
On Wed, 2015-02-11 at 11:17 -0800, Nikolaus Rath wrote:
I'm a little confused about the need to meet in-person to get a
signature that's acceptable for the Debian keyring.
I believe that Debian packages are signed on upload to ensure that they
have been prepared by a Debian Developer,
On 2015-02-11 21:45, Paul Tagliamonte wrote:
I agree with Philip (as usual), but it's also the standard that we hold
ourselves to when signing someone's OpenPGP key -- I can't assert
someone's identity matches without meeting them.
I think this is spot on. This identity match ties a unique key
Russell Stuart russell-deb...@stuart.id.au writes:
On Wed, 2015-02-11 at 11:17 -0800, Nikolaus Rath wrote:
I'm a little confused about the need to meet in-person to get a
signature that's acceptable for the Debian keyring.
I believe that Debian packages are signed on upload to ensure that