On Wed, Sep 15, 2010 at 11:57:25AM -0400, Perry E. Metzger wrote: > On Wed, 15 Sep 2010 12:41:49 -0300 Henrique de Moraes Holschuh > <h...@debian.org> wrote: > > On Wed, 15 Sep 2010, Felipe Sateler wrote: > > > On 14/09/10 01:18, Gunnar Wolf wrote: > > > > - Your new key should be signed by two or more other Debian > > > > Developers > > > > > > The NM and DM processes require only one signature. Why is it > > > harder to replace a key than to become a DD? > > > > Or rather, why the requirements for the first key any weaker than > > those for DD key replacement? > > Or rather, what is the specific threat that the policy is designed to > address? Does it succeed?
The question for a key for a new DM/DD is "Are we sure this person is
who we think it is?". For a replacement key for an existing key it's
"Are we sure this key belongs to the person we already know of as a
different key, and that they want the key replaced.". The first is
simpler than the second and doesn't risk locking a developer out from
access to the project.
Personally I'd like to require 2 signatures for new DM/DDs but I
understand that would raise the bar to project entry in an unhelpful
fashion.
J.
--
Documentation - The worst part | .''`. Debian GNU/Linux Developer
of programming. | : :' : Happy to accept PGP signed
| `. `' or encrypted mail - RSA
| `- key on the keyservers.
signature.asc
Description: Digital signature
