> Why is it that we think we need any other email addresses for > people in the databse? It might be useful to have a single canonical e-mail address for a developer that can be easily updated. The PGP keyring isn't very good for this, since it might have multiple email addresses for a single maintainer. Likewise, the Packages files (and related Maintainers file) might contain old email addresses - depending upon when the last package upload was. There are plenty of packages in the system which have maintainer email addresses which no longer exist. Ideally, when a developer drops out of the debian project, we can tag their record as inactive. This way, we don't have to rely on periodic 'developer pings' to figure out how many developers we have (they're still a good idea, however). I think the database should eventually contain postal addresses as well (private information, of course) - as these are important for maintainer verification. We really need a single, always up-to-date database of developers to do maintainer verification properly. Otherwise, it will just be a matter of time until we get somebody who wants to abuse the system and do really damaging things. Cheers, - Jim
Attachment:
pgppOtLmf29iC.pgp
Description: PGP signature