On Thu, 2005-01-20 at 21:51 +0000, Luke-Jr wrote: > Identification does, maybe, but identification of abilities, not > identification of name.
Except we've mostly been talking about GPG keys... which we use for pretty much two things... to determine that the person sending the email is in fact the person we think they are, and to sign releases/packages (eventually) to determine that the package was indeed added to the tree by the person it says it was. > > The point is, when you're an organization and you take donations and > > volunteer time as part of the service you provide, you owe it to the > > community you service to verify the quality of the products you provide - > > part of that comes from the identity of those who provide them. > > But none of that comes from the arbitrary string (name) associated with them. I love this philosophical horse crap as much as the next, but it is really old now. If you want your key signed, then show your ID. If you don't, then don't. It really is that simple. > I would argue that this is more of a rationale for different signature types. > "I know this key is used for honest representation." (what I consider key > sigs to be right now), "I trust the person this key represents with some > things of mine", and "I trust the person this key repesents with any access > that I have." > Just because I sign Mr. Green's key doesn't mean I am guaranteeing he won't > kill Mrs. White with the candlestick. All I'm saying is that the particular > Mr. Green I know uses this key for legitimate purposes and is not attempting > to represent somebody else. Exactly. The point of the ID is that you are signing a key of someone that you might not know, and you want to be sure that someone else isn't trying to represent them. > On Thursday 20 January 2005 8:49 pm, Chris Gianelloni wrote: > > On Thu, 2005-01-20 at 20:08 +0000, Luke-Jr wrote: > > > > How would you like it if everyone signed up for the list sent a reply > > > > each time you sent a mail with this request? I'd wager you would turn > > > > that crap off *real* quickly in that case. Hundreds of emails saying > > > > "yes I read your worthless mail" can't be a good thing. > > > > > > Actually, I would probably procmail them... > > > > Then why the hell are you requesting them, > > You make too many assumptions. I would procmail them into a folder, not a > trash. I am requesting them by default because they can be useful for people > who don't reply to every email they receive, and I'm unaware of any mail > program that has the ability to have a different default for mailing lists. Actually, that is pretty easy. All you need to do is setup something like [EMAIL PROTECTED] and set the preference for that address to not send them. You could even use the exact same email address. > > Linda? > > This is the last time I will reply to a message directed toward me under the > name Linda. I do not recognize that as my name in any sense. Whatever you say, Linda. -- Chris Gianelloni Release Engineering - Operational/QA Manager Games - Developer Gentoo Linux
signature.asc
Description: This is a digitally signed message part
