On Thu, 25 Apr 2002 02:21:37 +0200,
Julien LEMOINE <[EMAIL PROTECTED]> wrote:
> On Thursday 25 April 2002 01:19, Oohara Yuuma wrote:
> > 2) The current version of xsoldier puts its score file in /var/lib/games,
> >which is wrong. According to the FHS, it must be in
> > /var/games/xsoldier. Si
Hi,
I wonder if it is acceptable to sign a key from someone that :
- I meet him personnaly and saw his ID
- I saw him in a public meeting in a specific role (We can consider he
is well known)
- I have a lot of public mails from him that are all signed
But the key makes no references to his na
On Thu, Apr 25, 2002 at 10:04:20AM -0400, christophe barbé wrote:
> I wonder if it is acceptable to sign a key from someone that :
> - I meet him personnaly and saw his ID
> - I saw him in a public meeting in a specific role (We can consider he
> is well known)
> - I have a lot of public mails
On Thu, Apr 25, 2002 at 10:04:20AM -0400, christophe barb? wrote:
> I wonder if it is acceptable to sign a key from someone that :
> [irrelevent stuff]
> But the key makes no references to his name.
>
> In my understanding the ID is useless but I have enough element to
> believe he is the guy h
I forgot to mention that we exchanged encrypted secret words and that I
check the fingerprint when I meet him.
He use his email address in his gpg key but his email address is not
related to his name.
I am sure he is the guy behind the key.
I started this thread because of the debian implicatio
On Thu, Apr 25, 2002 at 10:56:31AM -0400, christophe barbé wrote:
> I forgot to mention that we exchanged encrypted secret words and that I
> check the fingerprint when I meet him.
> He use his email address in his gpg key but his email address is not
> related to his name.
> I am sure he is th
christophe barbé <[EMAIL PROTECTED]> writes:
> I forgot to mention that we exchanged encrypted secret words and that I
> check the fingerprint when I meet him.
>
> He use his email address in his gpg key but his email address is not
> related to his name.
>
> I am sure he is the guy behind the
On Thu, Apr 25, 2002 at 10:56:31AM -0400, christophe barbé wrote:
> I forgot to mention that we exchanged encrypted secret words and that I
> check the fingerprint when I meet him.
> He use his email address in his gpg key but his email address is not
> related to his name.
> I am sure he is th
On Thu, Apr 25, 2002 at 10:04:39AM -0500, Steve Langasek wrote:
> I still don't understand what you mean by a 'without-ID key'. It's
> difficult to give you a clear answer unless you can give us tangible
> information. A PGP uid has three parts to it: a name, an email address,
> and a comment.
On Thu, Apr 25, 2002 at 10:11:25AM -0500, Steve Langasek wrote:
> Upon rereading, I see what you're asking here. You're worried that if
> you sign a uid that doesn't have his name on it, and he adds another uid
> later that does have a name on it (not necessarily his), this will
> mistakenly be a
Hi,
my name is Luigi Gangitano, I'm a member of LugRoma3 and a Debian user
for a couple of years, now.
I'd like to become a Debian Developer, just because I need the 'sarg'
package on some of the server I use.
Sarg (formerly known as SQMGRLOG) is a log analyzer for SQUID written by
Orso ([EMAIL
On Thu, Apr 25, 2002 at 10:50:43AM -0400, Chad Miller wrote:
> No! One doesn't really sign "keys". One signs identification. If you meet
> someone, your goal is to match the picture ID with the face, and the name on
> the ID with the UID in the keyring. Just because we meet, and I show you
> a
On Thu, Apr 25, 2002 at 11:20:30AM -0400, christophe barbé wrote:
> On Thu, Apr 25, 2002 at 10:11:25AM -0500, Steve Langasek wrote:
> > Upon rereading, I see what you're asking here. You're worried that if
> > you sign a uid that doesn't have his name on it, and he adds another uid
> > later that
On Thu, Apr 25, 2002 at 10:11:25AM -0500, Steve Langasek wrote:
> > He use his email address in his gpg key but his email address is not
> > related to his name.
>
> > I am sure he is the guy behind the key.
> > I started this thread because of the debian implication.
>
> > I believe that from t
On Thu, Apr 25, 2002 at 11:22:50AM -0400, christophe barb? wrote:
> IDs are easily forged. I am sure of that since I have see how it works
To misquote Old Man Murray, it's better than relying on scent.
IDs are the best thing we have for identifying the person's real name,
and real names are _req
On Thu, 25 Apr 2002, christophe barbé wrote:
> But the key makes no references to his name.
[...]
> Should I sign his key ?
No. Request that he adds an UID to his key with his name as it appears on
his documents (the name that he would have in a international travel pass,
for example), and sign T
Luigi Gangitano <[EMAIL PROTECTED]> writes:
> Now I've seen that sarg as been orphaned on January 2002 and I'd like to
> become its maintainer, but I don't know any Debian Developer that can
> promote my candidation and I could not find any information about the
> former sarg maintainer to contac
Il gio, 2002-04-25 alle 21:25, Joerg Jaspert ha scritto:
> Luigi Gangitano <[EMAIL PROTECTED]> writes:
> > Now I've seen that sarg as been orphaned on January 2002 and I'd like to
> > become its maintainer, but I don't know any Debian Developer that can
> > promote my candidation and I could not f
[EMAIL PROTECTED] said:
>> Should I sign his key ?
>
> No. Request that he adds an UID to his key with his name as it appears on
> his documents (the name that he would have in a international travel pass,
> for example), and sign THAT UID (and any others you have verified to be
> completely true
On Thu, Apr 25, 2002 at 05:38:40PM -0400, Jason Lunz wrote:
> I think this needs more consideration. What is being signed into the
> trust web is an "identity". That can (and should) be independent of real
> name. Why? Because there are people in the world who live in countries
> or situations whe
On Thu, 25 Apr 2002, Jason Lunz wrote:
> trust web is an "identity". That can (and should) be independent of real
> name. Why? Because there are people in the world who live in countries
> or situations where they cannot safely reveal their real life identity.
Join the cDc then, but not Debian.
On Thu, 25 Apr 2002 02:21:37 +0200,
Julien LEMOINE <[EMAIL PROTECTED]> wrote:
> On Thursday 25 April 2002 01:19, Oohara Yuuma wrote:
> > 2) The current version of xsoldier puts its score file in /var/lib/games,
> >which is wrong. According to the FHS, it must be in
> > /var/games/xsoldier. Sin
Hi,
I wonder if it is acceptable to sign a key from someone that :
- I meet him personnaly and saw his ID
- I saw him in a public meeting in a specific role (We can consider he
is well known)
- I have a lot of public mails from him that are all signed
But the key makes no references to his nam
On Thu, Apr 25, 2002 at 10:04:20AM -0400, christophe barbé wrote:
> I wonder if it is acceptable to sign a key from someone that :
> - I meet him personnaly and saw his ID
> - I saw him in a public meeting in a specific role (We can consider he
> is well known)
> - I have a lot of public mails
On Thu, Apr 25, 2002 at 10:04:20AM -0400, christophe barb? wrote:
> I wonder if it is acceptable to sign a key from someone that :
> [irrelevent stuff]
> But the key makes no references to his name.
>
> In my understanding the ID is useless but I have enough element to
> believe he is the guy he
I forgot to mention that we exchanged encrypted secret words and that I
check the fingerprint when I meet him.
He use his email address in his gpg key but his email address is not
related to his name.
I am sure he is the guy behind the key.
I started this thread because of the debian implication
On Thu, Apr 25, 2002 at 10:56:31AM -0400, christophe barbé wrote:
> I forgot to mention that we exchanged encrypted secret words and that I
> check the fingerprint when I meet him.
> He use his email address in his gpg key but his email address is not
> related to his name.
> I am sure he is the
christophe barbé <[EMAIL PROTECTED]> writes:
> I forgot to mention that we exchanged encrypted secret words and that I
> check the fingerprint when I meet him.
>
> He use his email address in his gpg key but his email address is not
> related to his name.
>
> I am sure he is the guy behind the k
On Thu, Apr 25, 2002 at 10:56:31AM -0400, christophe barbé wrote:
> I forgot to mention that we exchanged encrypted secret words and that I
> check the fingerprint when I meet him.
> He use his email address in his gpg key but his email address is not
> related to his name.
> I am sure he is the
On Thu, Apr 25, 2002 at 10:04:39AM -0500, Steve Langasek wrote:
> I still don't understand what you mean by a 'without-ID key'. It's
> difficult to give you a clear answer unless you can give us tangible
> information. A PGP uid has three parts to it: a name, an email address,
> and a comment. W
On Thu, Apr 25, 2002 at 10:11:25AM -0500, Steve Langasek wrote:
> Upon rereading, I see what you're asking here. You're worried that if
> you sign a uid that doesn't have his name on it, and he adds another uid
> later that does have a name on it (not necessarily his), this will
> mistakenly be ac
Hi,
my name is Luigi Gangitano, I'm a member of LugRoma3 and a Debian user
for a couple of years, now.
I'd like to become a Debian Developer, just because I need the 'sarg'
package on some of the server I use.
Sarg (formerly known as SQMGRLOG) is a log analyzer for SQUID written by
Orso ([EMAIL P
On Thu, Apr 25, 2002 at 10:50:43AM -0400, Chad Miller wrote:
> No! One doesn't really sign "keys". One signs identification. If you meet
> someone, your goal is to match the picture ID with the face, and the name on
> the ID with the UID in the keyring. Just because we meet, and I show you
> an
On Thu, Apr 25, 2002 at 11:20:30AM -0400, christophe barbé wrote:
> On Thu, Apr 25, 2002 at 10:11:25AM -0500, Steve Langasek wrote:
> > Upon rereading, I see what you're asking here. You're worried that if
> > you sign a uid that doesn't have his name on it, and he adds another uid
> > later that
On Thu, Apr 25, 2002 at 10:11:25AM -0500, Steve Langasek wrote:
> > He use his email address in his gpg key but his email address is not
> > related to his name.
>
> > I am sure he is the guy behind the key.
> > I started this thread because of the debian implication.
>
> > I believe that from th
On Thu, Apr 25, 2002 at 11:22:50AM -0400, christophe barb? wrote:
> IDs are easily forged. I am sure of that since I have see how it works
To misquote Old Man Murray, it's better than relying on scent.
IDs are the best thing we have for identifying the person's real name,
and real names are _requ
On Thu, 25 Apr 2002, christophe barbé wrote:
> But the key makes no references to his name.
[...]
> Should I sign his key ?
No. Request that he adds an UID to his key with his name as it appears on
his documents (the name that he would have in a international travel pass,
for example), and sign TH
Luigi Gangitano <[EMAIL PROTECTED]> writes:
> Now I've seen that sarg as been orphaned on January 2002 and I'd like to
> become its maintainer, but I don't know any Debian Developer that can
> promote my candidation and I could not find any information about the
> former sarg maintainer to contact
Il gio, 2002-04-25 alle 21:25, Joerg Jaspert ha scritto:
> Luigi Gangitano <[EMAIL PROTECTED]> writes:
> > Now I've seen that sarg as been orphaned on January 2002 and I'd like to
> > become its maintainer, but I don't know any Debian Developer that can
> > promote my candidation and I could not fi
[EMAIL PROTECTED] said:
>> Should I sign his key ?
>
> No. Request that he adds an UID to his key with his name as it appears on
> his documents (the name that he would have in a international travel pass,
> for example), and sign THAT UID (and any others you have verified to be
> completely true)
On Thu, Apr 25, 2002 at 05:38:40PM -0400, Jason Lunz wrote:
> I think this needs more consideration. What is being signed into the
> trust web is an "identity". That can (and should) be independent of real
> name. Why? Because there are people in the world who live in countries
> or situations wher
On Thu, 25 Apr 2002, Jason Lunz wrote:
> trust web is an "identity". That can (and should) be independent of real
> name. Why? Because there are people in the world who live in countries
> or situations where they cannot safely reveal their real life identity.
Join the cDc then, but not Debian.
-
42 matches
Mail list logo
