Ar 26/10/2008 am 21:57, ysgrifennodd Lars Wirzenius: > la, 2008-10-25 kello 09:59 +0200, Stefano Zacchiroli kirjoitti: > > A scenario I want to avoid for example is that newcomers can alter the > > keyring adding tens of "friends". Such a possibility would imply that > > if Debian as a project fails *once* in checking IDs and motivations > > for *a single* newcomer, than that newcomer can screw us badly adding > > a whole lot of people. I presume the range of nasty scenarios > > starting from this one is quite big. > > I would like to stress that my proposal says that any changes should be > easy to undo. This is especially true for anything that may result in > nasty scenarios. I haven't thought about the mechanics of this yet in > any particular detail, but there are so many ways in which keyring > maintenance could be arranged to achieve the goal of my proposal that > I'm not worried it can't be implemented.
This sounds comparable to the approach used by wikis, sometimes described as "soft security". It works through revision conrol: letting people see who did what, and allowing restoring old versions. -- Dafydd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
