On Wed, Feb 11, 2015 at 08:36:54PM +0000, Philip Hands wrote: > Nikolaus Rath <nikol...@rath.org> writes: > ... > > Following that argument, I think a key should be signed and included in > > the Debian keyring if it (the key) has a history of high quality > > contributions. Meeting the keyholder in person to look at his passport > > doesn't seem to add anything of particular value here. Why would I care > > under what name he has been contributing? > > The thing it's trying to add is some assurance that, if it were > necessary to eject someone from the project for whatever reason, that it > is at least moderately hard for them to sneak back in under a different > name.
I agree with Philip (as usual), but it's also the standard that we hold ourselves to when signing someones OpenPGP key -- I can't assert someone's identity matches without meeting them. -- .''`. Paul Tagliamonte <paul...@debian.org> | Proud Debian Developer : :' : 4096R / 8F04 9AD8 2C92 066C 7352 D28A 7B58 5B30 807C 2A87 `. `'` http://people.debian.org/~paultag `- http://people.debian.org/~paultag/conduct-statement.txt
signature.asc
Description: Digital signature