Steve Langasek <[EMAIL PROTECTED]> writes: >> What do you think we get by having the signed ID? What advantages >> accrue to Debian by having this check that someone's real name is what >> we think it is? > >> I think it's a good thing, I agree with our practice, but I'm not sure >> what vast security hole is suddenly opened up here. If we found out >> that the person who has been a faithful and valuable developer, under >> the name "Martin Krafft" is not the real Martin Krafft, what should we >> do? Go find the real Martin Krafft and make him a developer? > > I thought the obvious answer here would be to kick this person out of the > project for breaching the project's trust. Can you think of a reason why it > would be ok for someone to lie to us about their real name?
Oh, that's fine, but then I don't see exactly what Manoj is bothered by. It seems like he ought to be on Martin's side here, they are both worried about the same thing: that people are a little too lax in checking IDs', particularly at giant KSPs. Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
