1 |
> > * The key must have an userid that refers to an official Gentoo e-mail |
2 |
> > address. E.g. dilfridge@g.o |
3 |
> |
4 |
> no. there's no reason for this requirement, and it prevents proxy |
5 |
> maintenance long term. e-mail addresses do not verify identity, |
6 |
> verifying identify verifies identity. this is the point of the web of |
7 |
> trust. |
8 |
|
9 |
So what sort of identity do you want to verify? Seriously, at the moment when I got my commit bit, noone from Gentoo had ever met me in person, and for sure noone had ever had a look at my passport or any similar legal document. The only established connection was my preexisting gpg key, which was then coupled to my gentoo account. |
10 |
|
11 |
As for proxy maintenance, isn't the whole point of that that the proxied maintainers are not devs and do not have (commit access | a gentoo.org user id)? I do not understand how this would prevent proxy maintenance. |
12 |
|
13 |
Now, e.g. overlay access is a different matter. But first things first. |
14 |
|
15 |
|
16 |
-- |
17 |
Andreas K. Huettel |
18 |
Gentoo Linux developer - kde, sci, arm, tex |
19 |
dilfridge@g.o |
20 |
http://www.akhuettel.de/ |