Manoj Srivastava <[EMAIL PROTECTED]> writes: > It has come to my attention that Martin Kraff used an > unofficial, and easily forge-able, identity device at a large key > signing party recently. This was apparently to belabour the obvious > point that large KSP's are events where it is hard to reasonably > check. in a large international KSP, anything beyond matching > pictures/names/expiry dates, especially after an hour or so after > starting.
So, you are confident that the person who did this is in fact Martin Kraff, right? > Based on this, I strongly suggest that mere signatures on a > new maintainers key from a DD be also not enough, since people have > now effectively proven how easily signatures may be obtained at a > large KSP by just about anyone with money for a easily faked ID. What would you suggest instead? _______________________________________________ Debconf-discuss mailing list Debconf-discuss@lists.debconf.org http://lists.debconf.org/mailman/listinfo/debconf-discuss
