| 1 |
On Fri, Mar 25, 2011 at 2:57 PM, Dane Smith wrote: |
| 2 |
> On 03/25/2011 02:46 PM, Mike Frysinger wrote: |
| 3 |
>> On Fri, Mar 25, 2011 at 4:53 AM, Andreas K. Huettel wrote: |
| 4 |
>>> Of course now we can add additional requirements: |
| 5 |
>>> |
| 6 |
>>> * The key must have an userid that refers to an official Gentoo e-mail |
| 7 |
>>> address. E.g. dilfridge@g.o |
| 8 |
>> |
| 9 |
>> no. there's no reason for this requirement, and it prevents proxy |
| 10 |
>> maintenance long term. e-mail addresses do not verify identity, |
| 11 |
>> verifying identify verifies identity. this is the point of the web of |
| 12 |
>> trust. |
| 13 |
> |
| 14 |
> We are somewhat limited in the amount that we can verify "identity." |
| 15 |
> Sure you can get a decent web of trust from signing the keys of people |
| 16 |
> you've met at conferences, however, there will be people outside of that |
| 17 |
> web. |
| 18 |
|
| 19 |
creating one "tree key" which signs all developer keys listed in LDAP |
| 20 |
is trivial to do |
| 21 |
|
| 22 |
> What we need to verify is rather that the person who made the |
| 23 |
> commit is someone who is authorized to make the commit and that it was |
| 24 |
> in no way tampered with. |
| 25 |
|
| 26 |
you're validating only that the machine with access to the private |
| 27 |
keys pushed up the commit. hopefully the only person with said |
| 28 |
machine is the one we recruited. |
| 29 |
-mike |
Archives