On Sat, May 27, 2006 at 04:47:20PM -0500, martin f krafft wrote: > Dear Manoj, dear fellow DDs,
Hi, I'm just going to address the question you made that was directed to me.
> also sprach Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]>
> [2006.05.25.1300 -0500]:
> > FWIW, I noted down those keys I would *not* sign and didn't tell
> > the people at the KSP that I would not sign them. I guess his
> > experiment "only one in ten said that they would *not* sign it" is
> > moot unless he backs it up with the signatures he eventually got
> > sent from those he showed a wrong ID to.
>
> Out of curiosity, did you mark my key to be "questionable"?
Yes. But then again, you have to trust that I did since you cannot
see the (2) I added next to your name and the ID check :-)
(on a scale of 1-5 with 5 being the highest). You got a (2) (and
not a (1) like others did) not because of your ID but because we actually
talked throughout the Debconf.
> The point you raise is a valid one. However, given how many people
> just don't sign keys after keysignings, the data would be skewed in
> the other direction.
True. But skew is always present in lies^statistics :-)
> I do not yet understand why some people do not confront those with
> questionable IDs. Maybe you can shine some light on that.
For two reasons:
1.- People might not have a better ID (I guess I trust people to bring
their best ID to the KSP) and that means that:
a) they will be ashamed that they cannot provide a better ID
b) they will be offended that I don't trust their national ID
c) they will not understand why I'm asking for a better ID
2.- Lack of time and peer pressure ("you are taking too long!")
The only case in which I would bother explaining is 1-b, but with 2) taken
into account I did not had time to explain why their ID was not sufficient
for me. And I can actually do that (with a canned e-mail) after the KSP.
Hope that explains it.
Javier
signature.asc
Description: Digital signature
