Hi,
It has come to my attention that Martin Kraff used an
unofficial, and easily forge-able, identity device at a large key
signing party recently. This was apparently to belabour the obvious
point that large KSP's are events where it is hard to reasonably
check. in a large international KSP, anything beyond matching
pictures/names/expiry dates, especially after an hour or so after
starting.
Presenting essentially a fake ID is an act of bad faith that
leads one to wonder how many of the other key signing parties he has
attended did he present a false ID?
I will not be signing his keys, ever, based on this action of
what I consider to be bad faith. Based on discussion with other
people who seem to find this action amusing, but not unacceptable, I
find that my decision to vaive my personal requirements of two forms
of ID was probably a mistake, and I am probably not going to be
signing any of the keys.
I must confess to being deeply disappointed. A large KSP ,
especially when conducted standing up, is an exhausting affair under
the best circumstances, but if people are interested in gaming the
system and acting in bad faith to show how weak the system is, then I
think the system is unworkable.
Based on this, I strongly suggest that mere signatures on a
new maintainers key from a DD be also not enough, since people have
now effectively proven how easily signatures may be obtained at a
large KSP by just about anyone with money for a easily faked ID.
manoj
--
"The most important thing in a man is not what he knows, but what he
is." Narciso Yepes
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
_______________________________________________
Debconf-discuss mailing list
Debconf-discuss@lists.debconf.org
http://lists.debconf.org/mailman/listinfo/debconf-discuss
