lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LFD.2.02.1110061214290.18778@ionos>
Date:	Thu, 6 Oct 2011 12:22:01 +0200 (CEST)
From:	Thomas Gleixner <tglx@...utronix.de>
To:	Adrian Bunk <bunk@...sta.de>
cc:	Ted Ts'o <tytso@....edu>, "Frank Ch. Eigler" <fche@...hat.com>,
	Valdis.Kletnieks@...edu, "H. Peter Anvin" <hpa@...or.com>,
	"Rafael J. Wysocki" <rjw@...k.pl>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Greg KH <gregkh@...e.de>
Subject: Re: kernel.org status: establishing a PGP web of trust

On Thu, 6 Oct 2011, Adrian Bunk wrote:
> On Thu, Oct 06, 2011 at 01:57:24AM +0200, Thomas Gleixner wrote:
> > Whatfor? To regain your k.org account? Can you provide a single
> > reason why that should happen?
> > 
> > I can't think of one. You vanished away with a big bang and now you
> > come back out of the blue and assume that you're a trusted person just
> > by slapping a few signs on your key?
> 
> I would say I vanished silently after several big bangs with you and 
> other people and some other incidents, but that's not really relevant.
> 
> My main reason for regaining my kernel.org account is that I heavily 
> used my bunk@...nel.org address for kernel development (just check the 
> kernel history), and I was still getting emails to that.
> 
> Assuming the @kernel.org addresses will not vanish, I need accepted 
> credential for accessing that address.

You seem to believe that the fact that you had a @k.org address is
enough of a reason that it will be restored?

> > As your idea of trust seems to be based on an ID card you better find
> > some other place with people who are stupid enough to believe that
> > technical measures can replace deep personal trust.
> 
> We are talking about the technical requirements for regaining an 
> account I was trusted to have before.

As you might have noticed, the rules under which those accounts are
given out have been changed and the change is not only a question of
providing a signed gpg key.

Thanks,

	tglx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ