| 1 |
On Sun, Jun 30, 2019 at 10:03:52AM +0200, Patrick Lauer wrote: |
| 2 |
> Adding an autogenerated "Blessed-by-Krom" has very little *meaning*, so |
| 3 |
> what do we gain by adding an autogenerated "Blessed-by-Krom"? (No, |
| 4 |
> eternal battle in the afterlife is not guaranteed) |
| 5 |
> |
| 6 |
> Since it's mandatory to continue committing, and autogenerated ... what |
| 7 |
> does it really do? And how does it do more than requiring people to read |
| 8 |
> and understand the rules before, and signing their commits? (Which, |
| 9 |
> legally, shows an equivalent intent) |
| 10 |
> |
| 11 |
> (Does anyone actually read *and understand* Terms&Conditions? How do you |
| 12 |
> verify that? Usually you'd just assume that people are not actively |
| 13 |
> malicious and that their word is enough) |
| 14 |
> |
| 15 |
> So from my perspective GLEP76 doesn't really improve the situation, just |
| 16 |
> makes everything more complex and causes exhausting discussions about |
| 17 |
> non-technical topics that don't improve the distro. |
| 18 |
As a clear example of meaningful agreement to the DCO vs the |
| 19 |
autogenerated agreement that Patrick is concerned about, look at GnuPG's |
| 20 |
model: |
| 21 |
|
| 22 |
1. A new contributor must send a OpenPGP-signed copy of the GnuPG DCO |
| 23 |
text to the public mailing list (the exact wording of the DCO |
| 24 |
contains only a minor change s/open/free/ per FSF principles). |
| 25 |
2. Signed-off-by trailer in the commit message is ALSO required, and is |
| 26 |
only used to verify against the DCO registry. |
| 27 |
3. The documentation says a) no pseudonyms, and b) anonymous contributions |
| 28 |
can be done with a proxy who is willing to certify for you: |
| 29 |
https://gnupg.org/faq/HACKING.html#sec-1-3 |
| 30 |
4. There's a registry of DCO signatories: |
| 31 |
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=AUTHORS;hb=HEAD#l163 |
| 32 |
|
| 33 |
However, there are two names that stand out as pseudonyms: |
| 34 |
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=AUTHORS;hb=HEAD#l187 |
| 35 |
|
| 36 |
I think is an implicit outcome of the two policy statements together: |
| 37 |
Pseudonyms are also valid if there is a certifying proxy. |
| 38 |
|
| 39 |
|
| 40 |
-- |
| 41 |
Robin Hugh Johnson |
| 42 |
Gentoo Linux: Dev, Infra Lead, Foundation Treasurer |
| 43 |
E-Mail : robbat2@g.o |
| 44 |
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
| 45 |
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136 |
Archives