Re: [Debconf-discuss] GPG keysigning?

[Wouter Verhelst <wouter@debian.org>]

On Thu, Jun 25, 2009 at 11:24:29AM -0700, Russ Allbery wrote:
> Giacomo Catenazzi <cate@cateee.net> writes:
> > A naive question: why does not FSF check identity of contributors?
> > They must sign a copyright assignment (or disclaimer), send this
> > document to FSF, but I see no identity check on FSF side.
> >
> > They do this for legal reasons!
> >
> > For FSF copyright assignment is more important than identity check.
> > For us seems the contrary, but AFAIK FSF work closely with lawyer then
> > us!
> 
> This may appear counterintuitive, but I believe the FSF is at
> significant less legal risk for the sorts of problems we're discussing
> than Debian is.  This is because the FSF doesn't distribute binaries and
> doesn't provide automated updates to systems.

Even if this were true (which I doubt), I'm quite certain that whether
or not you use your real name on a piece of software has any relevance
whatsoever as to whether you're accountable and/or can be sued for what
you did with said software.

There is no reason other than "it's good form" why we would require a
real name from contributors.

-- 
The biometric identification system at the gates of the CIA headquarters
works because there's a guard with a large gun making sure no one is
trying to fool the system.
  http://www.schneier.com/blog/archives/2009/01/biometrics.html