[Dev] Public key approval request

Nicolás Reynolds fauno at kiwwwi.com.ar
Sun May 12 17:46:07 GMT 2013


"Luke T. Shumaker" <lukeshu at sbcglobal.net> writes:

> At Fri, 10 May 2013 00:11:13 +0200,
> Guest One wrote:
>> Hi guys,
>> 
>> i need that you sign my public key to be it included on parabola-keyring
>> due that my must be trusted under signatures.
>
> I ,memo'ed this to you on IRC while you were offline, but you might
> not have seen it, and since it might apply to other hackers in the
> future, I'll post it here.
>
> ----
>
> So, the deal with signing keys is that you are supposed to have proof
> that a key belongs to the person it claims to belong to. Hence,
> key-signing parties where you bring your pub key, and photo ID.
>
> Of course, for Parabola developers, that's difficult.  They rule I've
> followed is that if you have SSH to the servers and are pushing
> packages, I'm already trusting you to put software on my system, so
> I'll sign the key sitting on a server.
>
> Plop your pub key/fingerprint in a text file in the home directory of
> repo at repo.parabolagnulinux.org, and I'll sign it. If you'd rather a
> different account, let me know.
>
> Or, if you'd rather, put it on the /hackers page on the website, along
> with your other info.  I should do a write-up on how to do that, since
> I think it's just me and fauno who know how to do that (of the active
> hackers).

i agree, and also try to have a crypted exchange of previous
conversations in the channel, so we can check a little bit more.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20130512/351eff9d/attachment.sig>


More information about the Dev mailing list