The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: new maintainer verification

To: Kevin Dalley <kevin@aimnet.com>
Subject: Re: new maintainer verification
From: Mark Shuttleworth <marks@thawte.com>
Date: Tue, 4 Feb 1997 11:07:55 +0200 (SAT)
Cc: debian-private@lists.debian.org
Importance: low
In-reply-to: <87d8uh0xj8.fsf@aplysia.iway.aimnet.com>
Priority: non-urgent
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"Xqm3M.0.zW5.Zslzo"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

> 
> What are work details?  Do you need to know where I work?  This is
> unlikely to be up to date for me.  I suppose that accuracy is less
> important than matching a database.  Just because a person
> is identified as genuine doesn't mean that the person filling out the
> form is that genuine person.  How do you prevent false identification?
> 
> People are more likely to be in a database as their age increases.  Is
> this desirable for Debian.  Is it acceptable for any of our current
> developers to fail to be in the database?

There's some confusion here because Bruce mentioned credit bureaus.  We do
NOT use them - we verify the data independently.  This may change in the
future... we may bomb the query at a credit burea and if it can't veryify
it directly then we may do the work ourselves.

Either way it won't be a problem if the person is not in any of the
databases we eventually use, because we do the background work ourselves.

It's hard for us to automate this because we cover so many countries.
Automatic procedures are different in the US to in .ZA and .UK...

Look - this isn't going to be perfect,  because there will be people who
we just cannot service.  However, PG uses a "web of trust" model.  I'd
recommend that Lars configure the PGP key checker to trust several
signatures, including Thawte's Basic and Premium ones,  and those of
several well known and trusted developers in each country.  That way
developers can get their keys signed by a local developer if they can meet
them personally,  or through Thawte as a general CA.

That's the real beauty of PGP!

--
Mark Shuttleworth
Thawte Consulting


--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Follow-Ups:
- Re: new maintainer verification
  - From: Lars Wirzenius <liw@iki.fi>

References:
- Re: new maintainer verification
  - From: Kevin Dalley <kevin@aimnet.com>

Prev by Date: Re: new maintainer verification
Next by Date: Re: debian/RH question
Previous by thread: Re: new maintainer verification
Next by thread: Re: new maintainer verification
Index(es):
- Date
- Thread