Re: more developer identity stuff
>>"Ossama" == Ossama Othman <email@example.com> writes:
Ossama> Okay, just confirm what I need to do, I need to send a
Ossama> scanned image of my driver's license, for example, signed
Ossama> with my PGP signature to Debian. I am going to "black out"
Ossama> my license number, my address and my birthday. Will the
Ossama> photo on the license and the name on my license be enough?
Ossama> Once my identity has been confirmed, what will Debian do with
Ossama> the documents? Sorry for the paranoia, but I've never met
Ossama> any of you. Handing over things that prove my identity to
Ossama> people I don't know just doesn't sound appealing to me. :-)
Well, you realize that lack of trust also is reciprocated ;-(
Right now, I am thinking that I don't know you at all, and your lack
of trust in us engenders a like lack of trust in me, at least, and I
am unsure about having someone I distrust put code on my production
An volunteer distribution like Debian is based on openness and
trust. We also have to demonstrate accountability to our users, and
there has to be a way of getting hold of people who become developers
in case there is a rogue developer who iserts trojan horses into the
distribution. Personally, I think that telephone and snail mail
addresses should be required of all developers.
I, as a developer, stand completely behind my work; and the
developers database has my address and phone number (well, I dunno if
anuone actually saved the data that Lindsay collected)
I would think that having ones identity unequivocally
available should be mandatory for becoming a developer. If this
bothers you, maybe you should consider this endeavor again?
"Do not meddle in the affairs of wizards, for you are crunchy and
good with ketchup."
Manoj Srivastava <firstname.lastname@example.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E