Re: PGP signing releases
Curt Sampson <cjs@cynic.net>
From: Curt Sampson <cjs@cynic.net>
To: Greg Copeland <greg@CopelandConsulting.Net>
Cc: PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2003-02-04T05:14:43Z
Lists: pgsql-hackers
On Tue, 3 Feb 2003, Greg Copeland wrote:
> Surely there are a couple of key developers whom would be willing to
> sign each other's keys and have previously met before. Surely this
> would be the basis for phone validation. Then, of course, there is 'ol
> snail-mail route too. Of course, nothing beats meeting in person having
> valid ID and fingerprints "in hand." ;)
I should mention, I'm not always so paranoid that I check ID and all of
that. It really depends on how well I know the person. I've met Bruce only
once, so I wouldn't do it over the phone at all, since we don't share much
non-public background and I'm not dead certain that I could tell his voice
from a similar one. The same is not true when it comes to doing this with
some of my close friends.
cjs
--
Curt Sampson <cjs@cynic.net> +81 90 7737 2974 http://www.netbsd.org
Don't you know, in this new Dark Age, we're all light. --XTC