Gentoo Archives: gentoo-project

From: "Michał Górny" <mgorny@g.o>
To: gentoo-project@l.g.o
Subject: Re: [gentoo-project] call for agenda items -- council meeting 2019-04-14
Date: Thu, 04 Apr 2019 05:20:57
Message-Id: f571f148e2c24dbe0aeb7856efd5c795f97eb4be.camel@gentoo.org
In Reply to: Re: [gentoo-project] call for agenda items -- council meeting 2019-04-14 by Alec Warner
On Wed, 2019-04-03 at 18:35 -0400, Alec Warner wrote:
> On Wed, Apr 3, 2019 at 2:44 PM Michał Górny <mgorny@g.o> wrote:
>
> > On Wed, 2019-04-03 at 17:43 +0300, Andrew Savchenko wrote:
> > > Why? We have no way to verify that provided names are valid or that
> > > provided ID's are valid. At least in my jurisdiction such
> > > information collected can't be used for legal action or protection
> > > without following established government-assisted verification
> > > procedure. In other jurisdictions similar problems may and will
> > > arise.
> >
> > 'Perfect is the enemy of good'. Claiming that you can't be 100% sure
> > that someone's giving his real name doesn't imply that everyone is using
> > fake names. Or that it makes no sense to use them.
> >
> > > Additional problem is personal data collection, it is
> > > restricted or heavily regulated in many countries. One can't just
> > > demand to show an ID via electronic means without following
> > > complicated data protection procedures which are likely to be
> > > incompatible between jurisdictions.
> >
> > Do you have any proof of that, or are you just basing your comments
> > on the common concept of misunderstanding GDPR and extending it to match
> > your private interest?
> >
> > > So the real name requirement gives us no real protection from
> > > possible cases, but creates real and serious problems by kicking
> > > active developers and contributors from further contributions.
> > > NP-Hardass is not the only one.
> >
> > Do you have any proof of that? As far as I'm concerned, we're pretty
> > clear that NP-Hardass can't contribute to Gentoo, and that his previous
> > contributions shouldn't have been accepted in the first place (and why
> > Trustees agreed to them is another problem). Are you going to take
> > legal and financial responsibility if his employer claims copyright to
> > his contributions? And if you say yes, are you going to really take it
> > or go with the aforementioned attitude that we can't legally force you
> > to?
> >
>
> Under the current policy we do not accept contributions from contributors
> whose names we believe are not real identities. The current policy says
> nothing about previous contributions; almost everyone who contributed to
> Gentoo over the past 20 years did so without signing anything, without
> identity verification, and with no DCO. Those commits were accepted and
> continue to be accepted until we decide otherwise. I don't like the way you
> construe the previous work of hundreds of people who contributed to the
> project; I find the idea that we should never have accepted these
> contributions to be pretty offensive.
>
> You are free to blame the organization for having bad policies (and you do
> and I'm the board President and I will 1000% take the blame) but don't for
> a minute blame people who are just trying to contribute and following the
> policies that the project had at the time. As you wrote above "perfect is
> the enemy of the good" and if we rejected the previous 20 years of work
> we'd have basically nothing, so we accept that risk as a cost of continuing
> to exist as a Foundation. No business operates with zero risk.

I'm sorry. I don't know what exact knowledge people who made those
decisions had. I'm just saying that if you know that someone is hiding
his contributions to Gentoo from his employer, and if you know that
employers often claim copyright to all work their employees do... you
get the picture, right?

And no, I'm not saying people will sue the hell out of us, take all our
money, arrest all developers they can. What I'm really worried about is
that if they claim copyright to those contributions, we will have to
spend a lot of work finding all his contributions and replacing them
with unencumbered code. And it will be especially hard to prove we
aren't copying that copyrighted code given that ebuilds are very uniform
by nature.

> > > I invited some gifted people with
> > > high quality out-of-tree work to become contributors or developers,
> > > but due to hostile attitude towards anonymous contributors they
> > > can't join. And people want to stay anonymous for good reasons,
> > > because they are engaged with privacy oriented development.
> > This is a very vague statement that sounds like serious overstatement
> > with no proof, aimed purely to force emotional reaction to support your
> > proposal. If you really want to propose something meaningful, I'd
> > really appreciate if you used real evidence to support it rather than
> > vague claims.
> >
> > > We are losing real people, real contributions and real community.
> > > What for? For solving imaginary problems with inappropriate tools.
> > >
> >
> > Thank you for telling us that copyright is an imaginary problem.
> >
>
> Your words are like knives, and this leads to a perception of antagonism.

...and accusing Council of 'solving imaginary problems' is not? As far
as I'm concerned, that's a *very antagonistic* statement, and seriously
undermining Council's professionality.

> 1) The policies of the project currently prioritize a knowledge of where
> commits come from in order to eventually reduce liability risk for the
> project.
> 2) I firmly do not believe the project has anything against anonymous /
> pseudonymous contributors (nor should it; if you think it does I'm happy to
> amend bylaws, GLEPs, and any other charter documents to state that we have
> nothing against that type of contribution.)
> 3) The current policy makes it difficult to contribute in this way; because
> we have this trade-off we have made where we want to know where commits
> come from for legal reasons.
>
> It's OK to say "Hi X, we cannot accept your anonymous / pseudonymous
> contribution because of this policy, and we made this policy to solve a
> problem of copyright liability for the organization."
> I don't think it's OK to say "Hi X, it's completely unreasonable to want to
> contribute to Gentoo in an Anonymous or Pseudonymous manner; please file
> your identity papers to me immediately!"
>
> My reading is your comments are closer to the latter than the former; I'm
> just not sure why that is.
>
> I think it's perfectly sane to ask "how can we build an organization where
> we can accept pseudonymous contributions and contain our liability for code
> from unverified contributors?" and have people interested in that write up
> and vet proposals. I get that it's a complex and difficult problem area;
> maybe none of the proposals will work! but that doesn't mean we shouldn't
> try to do it.

This seems to entirely miss the point taken from Linux policy, and focus
on the 'Gentoo is Foundation' model. It's not. Gentoo is distributed
to all our users, and all our users need to be able to verify that
the code comes from contributors who are actually allowed to contribute.
They can't really hit 'Foundation has this data somewhere in secret'
wall. If not anything else, this makes the project non-transparent,
and raises serious doubts whether users can actually trust it.

--
Best regards,
Michał Górny

Attachments

File name MIME type
signature.asc application/pgp-signature