1 |
On Sun, Jun 30, 2019 at 10:03:52AM +0200, Patrick Lauer wrote: |
2 |
> Adding an autogenerated "Blessed-by-Krom" has very little *meaning*, so |
3 |
> what do we gain by adding an autogenerated "Blessed-by-Krom"? (No, |
4 |
> eternal battle in the afterlife is not guaranteed) |
5 |
> |
6 |
> Since it's mandatory to continue committing, and autogenerated ... what |
7 |
> does it really do? And how does it do more than requiring people to read |
8 |
> and understand the rules before, and signing their commits? (Which, |
9 |
> legally, shows an equivalent intent) |
10 |
> |
11 |
> (Does anyone actually read *and understand* Terms&Conditions? How do you |
12 |
> verify that? Usually you'd just assume that people are not actively |
13 |
> malicious and that their word is enough) |
14 |
> |
15 |
> So from my perspective GLEP76 doesn't really improve the situation, just |
16 |
> makes everything more complex and causes exhausting discussions about |
17 |
> non-technical topics that don't improve the distro. |
18 |
As a clear example of meaningful agreement to the DCO vs the |
19 |
autogenerated agreement that Patrick is concerned about, look at GnuPG's |
20 |
model: |
21 |
|
22 |
1. A new contributor must send a OpenPGP-signed copy of the GnuPG DCO |
23 |
text to the public mailing list (the exact wording of the DCO |
24 |
contains only a minor change s/open/free/ per FSF principles). |
25 |
2. Signed-off-by trailer in the commit message is ALSO required, and is |
26 |
only used to verify against the DCO registry. |
27 |
3. The documentation says a) no pseudonyms, and b) anonymous contributions |
28 |
can be done with a proxy who is willing to certify for you: |
29 |
https://gnupg.org/faq/HACKING.html#sec-1-3 |
30 |
4. There's a registry of DCO signatories: |
31 |
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=AUTHORS;hb=HEAD#l163 |
32 |
|
33 |
However, there are two names that stand out as pseudonyms: |
34 |
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=AUTHORS;hb=HEAD#l187 |
35 |
|
36 |
I think is an implicit outcome of the two policy statements together: |
37 |
Pseudonyms are also valid if there is a certifying proxy. |
38 |
|
39 |
|
40 |
-- |
41 |
Robin Hugh Johnson |
42 |
Gentoo Linux: Dev, Infra Lead, Foundation Treasurer |
43 |
E-Mail : robbat2@g.o |
44 |
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
45 |
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136 |