incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Franklin, Matthew B." <>
Subject RE: key signing
Date Mon, 08 Oct 2012 11:44:57 GMT
>-----Original Message-----
>From: Marvin Humphrey []
>Sent: Friday, October 05, 2012 8:54 PM
>Subject: Re: key signing
>On Fri, Oct 5, 2012 at 8:55 AM, Jukka Zitting <> wrote:
>> It's good to recommend people to get their keys signed by someone in
>> the Apache web of trust and I think we could do more in that area,
>Maybe if we didn't insist on face-to-face meetings we'd get better adoption
>Apache dev docs:
>    How To Link Into A Public Web Of Trust
>    In short, expect that:
>        *   this will involve a face-to-face meeting
>GnuPG docs:
>    A key's fingerprint is verified with the key's owner.  This may be done in
>    person or over the phone or through any other means as long as you can
>    guarantee that you are communicating with the key's true owner.

+1.  I think with technologies like Skype & Google Hangout, we can get the same level
of assurance of a person's identity as a physical key signing party.

What if we held a regular Google Hangout Key Signing party?  We can always ask participants
to show IDs :)

>Marvin Humphrey
>To unsubscribe, e-mail:
>For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message