[OSM-talk] Summary of the irc meeting.

Robert McWilliam rmcw at allmail.net
Fri Apr 7 08:31:03 BST 2006


What stops someone from creating a key and signing it for a nonexistant
person?

On Fri, 07 Apr 2006 09:22:35 +0200, "Petter Reinholdtsen"
<pere at hungry.com> said:
> 
> [Immanuel Scholz]@gmx.de writes:
> >> I believe we would get a long way with requiring GPG IDs.
> >
> > How does that help in ensuring that one person can vote only once?
> 
> By setting up a trust network with GPG keys, we can ensure that there
> exist a person with the name given in the GPG key (this is what a
> signed GPG key is supposed to mean), and we also get a way to check
> who verified that this person exist by checking who signed the key.
> This make it possible to verify who is behind each key.  Besides,
> email addresses are normally associated with the keys, so we get a
> list of working email addresses for the given person.
> 
> If there are two distinct persons with the same name, we can sort out
> that problem individually, but we do weed out the problem with the
> same person creating fake identities to gain extra votes.
> 
> 
> _______________________________________________
> talk mailing list
> talk at openstreetmap.org
> http://lists.openstreetmap.org/cgi-bin/mailman/listinfo/talk
------------------ 
  Robert McWilliam
  rmcw at allmail.net
  www.ormiret.com

  The days of the digital watch are numbered.





More information about the talk mailing list