David Paleino <d.pale...@gmail.com> writes: > On Sat, 20 Jun 2009 09:04:32 +0100, Matthew Johnson wrote:
>> Also, going back to the note about reputation; There's no reason >> reputation can't be associated with a pseudonym or with a GPG key >> attached to a pseudonym. > > How do you sign such a key? You'd break the web of trust, if you don't > check at least one government-issued document having a photo. The web of trust isn't about governments; it's about signing the keys of people whose identity you've verified. Governments are just a convenient proxy to let us expand the web of trust to people whom no other DD knows in person. I would happily sign the key of someone with a pseudonym if I had personal knowledge that the person who's key I was signing was the same person who was widely known by that pseudonym on-line. It would require, in general, a personal friendship or similar detailed knowledge, but it's possible. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
