> 
> I don't see anything in glep 76 about requiring verification of the
> signatures.  It's my view (as trustee) that assertation by the signer
> that 'this is my signature' is sufficient.

^ This. 

It's not our business to check IDs, and it's not our business to stalk people 
on google or facebook.

Now if someone says "Here's my name, and actually it is a fake name", then 
that is a reason to refuse commit rights or patch acceptance, and probably ask 
for some sort of verification when another name is then given. 

(That behaviour is roughly as intelligent as walking up to the security guy at 
the airport and claiming loudly "I have a bomb in my luggage.")

Apart from that, I dont think we should care.

-- 
Andreas K. Hüttel
dilfridge@gentoo.org
Gentoo Linux developer 
(council, toolchain, base-system, perl, libreoffice)