1 |
On 06/01/17 23:01, Rich Freeman wrote: |
2 |
> On Fri, Jan 6, 2017 at 5:48 PM, Kent Fredric <kentnl@g.o> wrote: |
3 |
>> More, the intellectual curiosity how we could improve the cryptographic |
4 |
>> reliability of Gentoo in realistic terms via trust webs is a discussion |
5 |
>> in itself. |
6 |
>> |
7 |
>> The main point of this thread was to attempt to create this web of |
8 |
>> trust by forcing new users be signed. |
9 |
>> |
10 |
>> But the overall objective is not to deter contributors, but to improve |
11 |
>> the WoT by realistic means. |
12 |
>> |
13 |
>> So exploring the mechanisms by which we achieve the WoT independently |
14 |
>> of whether or not we make it a barrier to entry I think is the thing to |
15 |
>> focus on. |
16 |
> So, I was chatting with k_f about this on the side, but I think |
17 |
> something you should look at is creating a voluntary framework to |
18 |
> encourage this. Nobody is going to object to that, and it lets you |
19 |
> get a sense of what it takes. If it works really well then maybe |
20 |
> there would be interest in making it mandatory, and if nobody likes it |
21 |
> then probably not. Either way though it probably will capture a lot |
22 |
> of the value without becoming a barrier to anybody. |
23 |
> |
24 |
> This isn't unlike where we ended up in discussions around copyright |
25 |
> assignment. For all of its benefits it also causes some sticky |
26 |
> issues, and you can probably get 80% of the benefit on a voluntary |
27 |
> basis, so that is the direction we've been moving in. |
28 |
> |
29 |
+1 try it out .. see what breaks .. look at the viability, work through |
30 |
some issues, assess the pro's and con's ... |