1 |
On 2017-01-06 19:39, Mart Raudsepp wrote: |
2 |
> Ühel kenal päeval, R, 06.01.2017 kell 11:30, kirjutas Yury German: |
3 |
> > OK we can do all of that. |
4 |
> > |
5 |
> > Would a notary document verifying the person that is Mailed to a |
6 |
> > party (pick an address and a responsible person), be enough to |
7 |
> > authenticate the person for the original GPG Web of Trust? In my |
8 |
> > opinion if lets say I was the one receiving the document that has be |
9 |
> > signed by a notary public, with a GPG key fingerprint on that form, |
10 |
> > and a photo verification by the Notary (Legally binding document). |
11 |
> > Then I would say that they are who they say they are. |
12 |
> > |
13 |
> > Any opinions? |
14 |
> |
15 |
> This is just insane. We already suffer with unwillingness of people to |
16 |
> become a developer with all the process involved. Until these are |
17 |
> resolved, throwing more in is just unacceptable. Period. |
18 |
|
19 |
Insane is a bit far, but it would be an unreasonable requirement to |
20 |
become a Gentoo Developer. |
21 |
|
22 |
Further, I’ve never seen any key signing policy that allowed |
23 |
identification via notary. They’ve never specifically forbade it, but |
24 |
they’ve explicitly stated that the verification must take place in |
25 |
person. |
26 |
|
27 |
> > Just an FYI on the cost. In most places a Notary Public is free at |
28 |
> > the bank (In US), or a cost of $5 or under. Not sure about other |
29 |
> > countries though. We do not want to make this cost prohibitive. |
30 |
> |
31 |
> The procedure or cost should not exist, or reimbursed with time cost as |
32 |
> well. |
33 |
> |
34 |
> But lets not go crazy here with the bureaucracy, Ok? |
35 |
> |
36 |
> You don't need to know who I am, you are not getting my copyright |
37 |
> assignment anyways. But you are getting my contributions under an open |
38 |
> source license. Lets have more people willing to do so, not throw in |
39 |
> hurdles. |
40 |
> |
41 |
|
42 |
Well, we should sort of know who you are. But, I think |
43 |
contributions are identification enough. We are more concerned about |
44 |
character, after all…right? |