• Question about non-responsive key-signing mate

    From Maarten van Geijn@21:1/5 to All on Tue Nov 14 19:20:02 2023

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From David Kalnischkies@21:1/5 to Maarten van Geijn on Tue Nov 14 23:10:01 2023
    Hi,

    On Tue, Nov 14, 2023 at 07:11:56PM +0100, Maarten van Geijn wrote:
    > Of course it could be anything, but I am starting to feel hoodwinked. Does this happen more often? Any recommendation from you?

    In big signing parties it's pretty usual that a sizeable chunk never
    signs your key, I suppose less so in small meetings, but the important
    thing to remember here is that nobody has any obligation to sign a key
    and there certainly is no handle to "force" someone to sign you back
    even if they said they would.

    It's not how signing a key works: You sign that you are reasonably sure
    that this person is who they claim to be and are linked to certain keys.
    It doesn't say anything about what they believe about you and your keys.
    And if they sign you or not should have no bearing on your signature.


    I can certainly understand that you are frustrated and feel cheated,
    especially if you need (more) signatures to e.g. apply for DD status
    and somehow the world seems to have conspired into making it especially
    hard for you … but the world hasn't. There is probably a very easy and
    reasonable explanation – my cat ate it –, but perhaps you will never
    get to know them – my cat is very sorry but I am way too embarrassed to
    tell anyone – and while it is frustrating to not know, it isn't very
    healthy to dwell on it either.

    If I were you, I would just let it rest and look for other signing opportunities. Perhaps even key endorsements are an option.

    As the saying goes: a watched pot never boils.
    I have received signatures months later… and I wasn't always the fastest
    signer either [surprisingly, trying to keep your certification key
    off-line and air-gapped somehow makes it a bit of a time-consuming ordeal
    to actually use it, so I might end up putting it off and off and …].


    ~~~~ TRIGGER WARNING ~~~~
    Imagine for a moment we weren't talking about key signing, but you two
    had met for a date. Terms like ghosting and stalking come to mind and
    so this thread reads like a very dark and scary place to be in.
    Let's get the hell out of here…
    ~~~~


    Best regards

    David Kalnischkies, who – full disclosure – isn't even a domestic
    servant for a cat currently nor did he sign a key in a long while

  • From Geert Stappers@21:1/5 to Maarten van Geijn on Tue Nov 14 22:20:01 2023
    On Tue, Nov 14, 2023 at 07:11:56PM +0100, Maarten van Geijn wrote:
    > Dear mentors,
    >
    > I turn to you with this question: is there any procedure to persuade an individual to sign a key he promised to sign during a key-signing meeting? I refrain from mentioning specific names here, but here is what happened:
    >
    > On October 7, I met a Debian developer in Tilburg, NL in an attempt to get acquainted and sign each other's keys.
    > After some coffee and a decent conversation, exchanging business cards, and key fingerprints, we left and indicated that we will sign each other's keys. I signed his key as soon as I got home, the same day. My counterpart told me it could take a week or so. (pretty strange for a seasoned Debian developer, but alright, I am happy to give someone the benefit of the doubt.)
    >
    > After 3 weeks I started to email him, no response. I tried this several times, even phoning him, but even though we are now more than 5 weeks down the road, still life signs.
    >
    > Of course it could be anything, but I am starting to feel hoodwinked. Does this happen more often?

    Yes


    > Any recommendation from you?

    Do key-signing with more people.


    > Regards
    > Maarten


    Greetings
    Geert Stappers
    DD, lives in Breda, works in Tilburg, will be in Utrecht this coming Saturday.
    --
    Silence is hard to parse

  • From Wookey@21:1/5 to Maarten van Geijn on Wed Nov 15 02:10:01 2023
    On 2023-11-14 19:11 +0100, Maarten van Geijn wrote:
    > I turn to you with this question: is there any procedure to persuade an individual to sign a key he promised to sign during a key-signing meeting?

    No. It is always entirely up to them.

    [key was not signed]

    > Does this happen more often?

    Yes, lots of people you swap material/ID with may never sign your key.

    I am a very unreliable key-signer for instance. I often never get round
    to signing, or never uploading the sig, or not sending an email with the
    sig back, or sign things months or years later when I find the
    fingerprint stash collection.

    It's not personal.

    Wookey
    --
    Principal hats: Debian, Wookware, ARM
    http://wookware.org/
