:: Re: [Dng] fraud warning
Top Page
Delete this message
Reply to this message
Author: Roger Leigh
Date:  
To: dng
Subject: Re: [Dng] fraud warning
On Mon, Dec 01, 2014 at 08:26:32PM +0100, Jaromil wrote:
> I also think that the (rather old-school) practice of pseudonimity and
> general leaning to keep personal details private when interacting on the
> Internet is important and is everyone's right. So to say, kids at school
> should be told to not use their names on a facebook profile full of
> drunken pictures in pubs. Since they may regret that sometimes.


This is one place I'm not sure I entirely agree. I agree that it's a
right which one should be able to freely exercise, but when it comes to
contributing to a distribution, I do think that real world identities
are necessary.

Joining Debian requires a real-world meeting with an existing developer,
exchanging key fingerprints to allow validation of the tie between that
key and that person. But that also includes validating a legal form
of identification and having that legal identity on at least one of the
key uids. I would not personally sign a key which did not match a
persons true legal identity.

This does provide certain benefits, not least of which is the fact that
if you break the agreements you made when you joined the project, e.g.
by malicious action, you are identifiable and can be held legally
accountable. It also gives collaborators and end users confidence in
the legitimacy of your work and that you are who you say you are. Free
software development is completely public; there's no need for anonymity
or pseudoanonymity to participate in it at the level of the Debian or
Devuan projects.


Kind regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux    http://people.debian.org/~rleigh/
 `. `'   schroot and sbuild  http://alioth.debian.org/projects/buildd-tools
   `-    GPG Public Key      F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800