From: Michael Everitt <m.j.everitt@iee.org>
To: gentoo-project@lists.gentoo.org
Subject: Re: [gentoo-project] call for agenda items -- council meeting 2019-04-14
Date: Wed, 3 Apr 2019 23:48:17 +0100 [thread overview]
Message-ID: <65dfe74d-e214-e384-4664-a545266a6dc7@iee.org> (raw)
In-Reply-To: <CAAr7Pr9RU1e6jaq7jR9skq9ytaTWPFWTgPw30TGuC9YiKBe_-A@mail.gmail.com>
[-- Attachment #1.1.1: Type: text/plain, Size: 6019 bytes --]
On 03/04/19 23:35, Alec Warner wrote:
> On Wed, Apr 3, 2019 at 2:44 PM Michał Górny <mgorny@gentoo.org
> <mailto:mgorny@gentoo.org>> wrote:
>
> On Wed, 2019-04-03 at 17:43 +0300, Andrew Savchenko wrote:
> > Why? We have no way to verify that provided names are valid or that
> > provided ID's are valid. At least in my jurisdiction such
> > information collected can't be used for legal action or protection
> > without following established government-assisted verification
> > procedure. In other jurisdictions similar problems may and will
> > arise.
>
> 'Perfect is the enemy of good'. Claiming that you can't be 100% sure
> that someone's giving his real name doesn't imply that everyone is using
> fake names. Or that it makes no sense to use them.
>
> > Additional problem is personal data collection, it is
> > restricted or heavily regulated in many countries. One can't just
> > demand to show an ID via electronic means without following
> > complicated data protection procedures which are likely to be
> > incompatible between jurisdictions.
>
> Do you have any proof of that, or are you just basing your comments
> on the common concept of misunderstanding GDPR and extending it to match
> your private interest?
>
> > So the real name requirement gives us no real protection from
> > possible cases, but creates real and serious problems by kicking
> > active developers and contributors from further contributions.
> > NP-Hardass is not the only one.
>
> Do you have any proof of that? As far as I'm concerned, we're pretty
> clear that NP-Hardass can't contribute to Gentoo, and that his previous
> contributions shouldn't have been accepted in the first place (and why
> Trustees agreed to them is another problem). Are you going to take
> legal and financial responsibility if his employer claims copyright to
> his contributions? And if you say yes, are you going to really take it
> or go with the forementioned attitude that we can't legally force you
> to?
>
>
> Under the current policy we do not accept contributions from contributors
> whose names we believe are not real identities. The current policy says
> nothing about previous contributions; almost everyone who contributed to
> Gentoo over the past 20 years did so without signing anything, without
> identity verification, and with no DCO. Those commits were accepted and
> continue to be accepted until we decide otherwise. I don't like the way
> you construe the previous work of hundreds of people who contributed to
> the project; I find the idea that we should never have accepted these
> contributions to be pretty offensive.
>
> You are free to blame the organization for having bad policies (and you
> do and I'm the board President and I will 1000% take the blame) but don't
> for a minute blame people who are just trying to contribute and following
> the policies that the project had at the time. As you wrote above
> "perfect is the enemy of the good" and if we rejected the previous 20
> years of work we'd have basically nothing, so we accept that risk as a
> cost of continuing to exist as a Foundation. No business operates with
> zero risk.
>
>
>
> > I invited some gifted people with
> > high quality out-of-tree work to become contributors or developers,
> > but due to hostile attitude towards anonymous contributors they
> > can't join. And people want to stay anonymous for good reasons,
> > because they are engaged with privacy oriented development.
>
>
> This is a very vague statement that sounds like serious overstatement
> with no proof, aimed purely to force emotional reaction to support your
> proposal. If you really want to propose something meaningful, I'd
> really appreciate if you used real evidence to support it rather than
> vague claims.
>
>
> > We are loosing real people, real contributions and real community.
> > What for? For solving imaginary problems with inappropriate tools.
> >
>
> Thank you for telling us that copyright is an imaginary problem.
>
>
> Your words are like knives, and this leads to a perception of antagonism.
>
> 1) The policies of the project currently prioritize a knowledge of where
> commits come from in order to eventually reduce liability risk for the
> project.
> 2) I firmly do not believe the project has anything against anonymous /
> pseudonymous contributors (nor should it; if you think it does I'm happy
> to amend bylaws, GLEPs, and any other charter documents to state that we
> have nothing against that type of contribution.)
> 3) The current policy makes it difficult to contribute in this way;
> because we have this trade-off we have made where we want to know where
> commits come from for legal reasons.)
>
> Its OK to say "Hi X, we cannot accept your anonymous / pseudonymous
> contribution because of this policy, and we made this policy to solve a
> problem of copyright liability for the organization."
> I don't think its OK to say "Hi X, its completely unreasonable to want to
> contribute to Gentoo in an Anonymous or Pseudonymous manner; please file
> your identity papers to me immediately!"
>
> My reading is your comments are closer to the latter than the former; I'm
> just not sure why that is.
>
> I think its perfectly sane to ask "how can we build an organization where
> we can accept pseudonymous contributions and contain our liability for
> code from unverified contributors?" and have people interested in that
> write up and vet proposals. I get that its a complex and difficult
> problem area; maybe none of the proposals will work! but that doesn't
> meant we shouldn't try to do it.
>
>
>
> --
> Best regards,
> Michał Górny
>
Thank you, Alec, for your rather-more-balanced approach.
[-- Attachment #1.1.2: Type: text/html, Size: 9594 bytes --]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 801 bytes --]
next prev parent reply other threads:[~2019-04-03 22:48 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-01 3:20 [gentoo-project] call for agenda items -- council meeting 2019-04-14 William Hubbs
2019-04-02 13:47 ` Michał Górny
2019-04-03 11:31 ` NP-Hardass
2019-04-03 12:43 ` Alec Warner
2019-04-03 14:04 ` NP-Hardass
2019-04-03 14:43 ` Andrew Savchenko
2019-04-03 18:12 ` Andrew Savchenko
2019-04-03 21:39 ` Michael Everitt
2019-04-03 18:44 ` Michał Górny
2019-04-03 22:35 ` Alec Warner
2019-04-03 22:48 ` Michael Everitt [this message]
2019-04-04 5:20 ` Michał Górny
2019-04-09 20:18 ` Gokturk Yuksek
2019-04-09 20:45 ` Alec Warner
2019-04-09 20:56 ` Rich Freeman
2019-04-09 21:03 ` Raymond Jennings
2019-04-09 21:05 ` Raymond Jennings
2019-04-09 21:13 ` Gokturk Yuksek
2019-04-10 7:13 ` Michał Górny
2019-04-10 7:36 ` Alice Ferrazzi
2019-04-10 7:45 ` Michał Górny
2019-04-10 8:02 ` Michael Everitt
2019-04-10 7:42 ` Mikle Kolyada
2019-04-14 13:58 ` Andreas K. Huettel
2019-04-09 21:06 ` Ulrich Mueller
2019-04-09 21:30 ` Gokturk Yuksek
2019-04-09 21:46 ` Kristian Fiskerstrand
2019-04-09 21:50 ` Rich Freeman
2019-04-09 21:53 ` Kristian Fiskerstrand
2019-04-09 22:00 ` Kristian Fiskerstrand
2019-04-09 22:05 ` Michael Everitt
2019-04-09 22:10 ` Kristian Fiskerstrand
2019-04-09 22:49 ` Chris Reffett
2019-04-10 0:17 ` Aaron Bauman
2019-04-10 0:31 ` Michael Everitt
2019-04-10 1:12 ` Alice Ferrazzi
2019-04-14 14:09 ` Andreas K. Huettel
2019-04-10 1:58 ` Michael Orlitzky
2019-04-10 2:07 ` Aaron Bauman
2019-04-10 7:20 ` Michał Górny
2019-04-14 14:04 ` Andreas K. Huettel
2019-04-10 1:15 ` Alice Ferrazzi
2019-04-10 1:30 ` Aaron Bauman
2019-04-10 1:47 ` Alice Ferrazzi
2019-04-10 1:48 ` Aaron Bauman
2019-04-14 14:11 ` Andreas K. Huettel
2019-04-14 15:28 ` Andrew Savchenko
2019-04-14 15:48 ` Aaron Bauman
2019-04-14 16:13 ` Andrew Savchenko
2019-04-14 16:41 ` Michał Górny
2019-04-14 16:47 ` Andrew Savchenko
2019-04-10 5:42 ` Ulrich Mueller
2019-04-10 5:59 ` Ulrich Mueller
2019-04-10 6:27 ` Alice Ferrazzi
2019-04-10 6:29 ` Ulrich Mueller
2019-04-10 6:54 ` Alec Warner
2019-04-11 0:22 ` Gokturk Yuksek
2019-04-14 14:18 ` Andreas K. Huettel
2019-04-10 7:28 ` Michał Górny
2019-04-10 12:47 ` Alec Warner
2019-04-10 13:21 ` Rich Freeman
2019-04-10 22:36 ` Aaron Bauman
2019-04-14 14:23 ` Andreas K. Huettel
2019-04-03 14:56 ` Ulrich Mueller
2019-04-04 6:30 ` Mikle Kolyada
2019-04-04 7:47 ` Ulrich Mueller
2019-04-04 10:15 ` Mikle Kolyada
2019-04-03 23:05 ` Alec Warner
2019-04-04 0:20 ` Alec Warner
2019-04-09 20:46 ` Gokturk Yuksek
2019-04-09 21:01 ` Aaron Bauman
2019-04-09 21:34 ` Gokturk Yuksek
2019-04-19 6:50 ` [gentoo-project] GLEP76, legal liability around misrepresentation in copyright, real names, how it's handled at FSF, SFC & at the US copyright office! Robin H. Johnson
2019-04-20 23:41 ` Rich Freeman
2019-04-08 5:03 ` [gentoo-project] call for agenda items -- council meeting 2019-04-14 Michał Górny
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=65dfe74d-e214-e384-4664-a545266a6dc7@iee.org \
--to=m.j.everitt@iee.org \
--cc=gentoo-project@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox