[Xorg] New committer process?

Daniel Stone daniel at freedesktop.org
Mon Jun 14 20:17:45 PDT 2004


On Mon, Jun 14, 2004 at 12:53:07PM -0700, Jeremy C. Reed wrote:
> On Mon, 14 Jun 2004, Keith Packard wrote:
> > > Isn't SSH safe enough?
> > > commiting with SSH sounds preety good way to prevent spoofing IMHO
> >
> > My question was higher level -- how do we authenticate people we give
> > accounts to on the machine in the first place.  Right now, we're mostly
> > letting each project vette people with informal irc or email
> > "authentication"; that works pretty well when you know the people involved,
> > otherwise it doesn't work.
> 
> One of the groups I am a member of requires GPG/PGP keys signed by another
> member already part of the project.
> 
> And they have to meet in person (I was told) for the verification.

I'm a part of Debian, which requires this step, but that would really
suck for a community as relatively small as X, to be honest. Luckily, I
went to linux.conf.au and exchanged signatures with keithp, but how else
would I get in, being on the other side of the world from most everyone
else who hacks on X?

-- 
Daniel Stone                                            <daniel at freedesktop.org>
freedesktop.org: powering your desktop                http://www.freedesktop.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.x.org/archives/xorg/attachments/20040615/aacbde01/attachment.pgp>


More information about the xorg mailing list