From owner-cvs-doc@FreeBSD.ORG Mon Nov 14 09:25:23 2011 Return-Path: Delivered-To: cvs-doc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2FE1B1065675; Mon, 14 Nov 2011 09:25:23 +0000 (UTC) (envelope-from utisoft@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id AA4E78FC14; Mon, 14 Nov 2011 09:25:22 +0000 (UTC) Received: by iakl21 with SMTP id l21so8149769iak.13 for ; Mon, 14 Nov 2011 01:25:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=Axup3bZJJZxY3XZ3SLC7vsES3127Ek52kym97Oo+mlk=; b=TS7DpkXSM1eF6VwlMVGakxWKgwaOqoOZX62TNEIs8dk9ok0DY/T2DhgE9sQHtJ/8YV Ia3smAowQS8Xeija5zK1B7XuVpjjQy+G7tJo91ZF1jcoTs978vx2gM6mPxStZhaA661e z2y+A7oE7vDjOBPT3Zk5GyAms6AQkBgvxfABA= Received: by 10.50.158.227 with SMTP id wx3mr22322803igb.52.1321262722126; Mon, 14 Nov 2011 01:25:22 -0800 (PST) MIME-Version: 1.0 Sender: utisoft@gmail.com Received: by 10.231.11.140 with HTTP; Mon, 14 Nov 2011 01:24:51 -0800 (PST) In-Reply-To: <4EC0680D.1080509@FreeBSD.org> References: <4EC0680D.1080509@FreeBSD.org> From: Chris Rees Date: Mon, 14 Nov 2011 09:24:51 +0000 X-Google-Sender-Auth: gT8bbfFnRli3_dnnBmP8DPQWB34 Message-ID: To: Doug Barton , kib@freebsd.org, core@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: doc-committers@freebsd.org, d@delphij.net, cvs-doc@freebsd.org, cvs-all@freebsd.org Subject: Re: Removing stale PGP keys (Was: Re: cvs commit: doc/share/pgpkeys aaron.key ...) X-BeenThere: cvs-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the doc and www trees List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Nov 2011 09:25:23 -0000 On 14 November 2011 00:59, Doug Barton wrote: > On 11/13/2011 01:15, Chris Rees wrote: >> On 13 November 2011 07:51, Xin LI wrote: >>> (I personally consider having these keys beneficial unless they are >>> fully expired by the way -- consider this: one day they might send an >>> email asking to re-activate their commit bit, without the key in >>> print, we have no easy way to validate their identity unless someone >>> else have signed their keys in the past and not excluded in the handboo= k). >> >> I agree, however the key is still in CVS, and this is unusual enough >> that I (and it seems a few others) don't see the need for alumni's >> keys to be in the 'printed' Handbook. =A0We need to be consistent about >> who is and who isn't in there. > > There is absolutely no reason to have keys from former committers in the > Handbook. They are almost all (I'd say at least 95%) on a keyserver > somewhere, and if not, they can be dug out of CVS in the incredibly > unlikely scenario that we need to validate a signature at some point > down the road. The argument that stale keys can be used for verifying > the identity of a former committer is also almost certain to be > spurious, given that a significant percentage of the existing keys (I'd > like to say a majority, but I have no data to back that up) have long > since passed out of the control of the *existing* committers, never mind > the former ones. This isn't just pessimism/negativity on my part, it's > based on my past experience in contacting committers privately > suggesting that they update their broken keys. > >> I'll open it up for discussion with core involved as well (as >> requested by another developer). > > I completely fail to see how core@ should have a role here, but > hopefully they will agree with me for a change. :) > Yes, well hopefully the core developer who requested the review is content with my admission of error in checking committers for currency-- I think that was his only concern. It'd be great if he confirms that.... Chris