[Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1

nicolas vigier boklm at mars-attacks.org
Thu Mar 3 18:17:04 CET 2011


On Thu, 03 Mar 2011, Michael Scherer wrote:

> Le jeudi 03 mars 2011 à 14:58 +0100, nicolas vigier a écrit :
> > On Thu, 03 Mar 2011, Michael Scherer wrote:
> > 
> > > Le jeudi 03 mars 2011 à 11:07 +0100, Romain d'Alverny a écrit :
> > > 
> > > > Giving your name is not a loss of privacy. Giving an email address
> > > > contact is not a loss of privacy. 
> > > 
> > > It depend to who you give it. And given
> > > http://www.merriam-webster.com/dictionary/privacy , I think it can be
> > > qualified to be, yes. 
> > > 
> > > So while some people do not see problem with this, some others do, and
> > > we should listen to their wishes. After a quick check, there is around
> > > 10 people out of 250 in the directory with obviously fake names ( cause
> > > I think no one is called "palm pre" ).
> > > 
> > > Some people may have very good reasons to not wanting to give their real
> > > name or email address. I know several companies where the manager is ok
> > > to send stuff upstream, but do not the name of the company to be
> > > mentioned ( for example some divisions of France Telecom do this and
> > > there is also some rumors about Trolltech doing the same before Nokia
> > > era ). 
> > 
> > I think that's not a problem here. We're not checking ID of people who
> > create accounts, so they can use the name they want to be called.
> 
> Not yet. What about the day someone will propose to use gpg and the web
> of trust ( who is currently based on checking ID card ) for some stuff ?

If we decide one day that we require signed gpg key, then we can discuss
that day the details of what kind of signatures we require. Today we
don't require anything like this. But it's possible to sign key without
checking ID card. GPG signature doesn't necessarily mean "this personn
has this official name", it can also mean "this is the real owner of
this email, and owner of this non-official name".

> 
> >  They are also not forced to use their work email, they can create an email
> > just for this.
> > 
> > So I don't know what the problem is exactly.
> 
> If the argument is "if people do not like giving informations, they can
> simply not tell the truth", yes I see this as a problem, because we are
> quite inconsistent.
> 
> On identity.m.o, we do ask :
> - login
> - email
> - personal information
> 
> Login is obviously required.
> 
> For email, yes, we need to have one, that's a technical requirement on
> this part, we cannot do much, except clearly telling to people what it
> would be used for, if they can use a trash email or not, etc, etc.
> 
> Problem is asking for Last name/First name.
> 
> Identity.m.o  will be used almost everywhere, like for example on the
> forum. 
> 
> Some people may find invasive to give Last name/First name especially
> for posting on a forum when compared to all others ( I checked several
> french forums, none requires giving anything except a email and a
> login ). 

Many forums require a username, and a display name. If you open an
account on linuxfr for instance, you need to enter a login name, and a
full name (which doesn't have to be your real name). And I think most
people on linuxfr don't use their real name, and they see no problem
being asked a full name. On almost all websites I know where users can
post messages, they are asked both a login name (which is sometime the
same as the email) and a display name.

Even when you setup an email account, most email software will ask you
to enter a full name. If sending an email without a full name, I think
I remember that spamassassin will flag it as spam.

> 
> So either we care about having this information ( for example for legal
> reasons ) and in this case, this must be clearly explained, and then we
> may have to be more stringent depending on requirements. In this case,
> we cannot say "you can enter what you want".
> 
> Or we do not care about the personal information, then it should also be
> clear. And I see no clearer way to say "this is not required" that not
> requiring it upon creation of the account.

The problem is that many software, like bugzilla, forums, or rpm changelogs
require a login name (only one word without spaces) or email, and a
display name. I see no use to waste time to patch all those software to
add a special case (adding more complexity and more bugs) for the user
who doesn't want to set any display name, when a simple solution is to
simply set a name that is not your real name, if you want to hide your
real name.  

> 
> IMHO, we should not adopt the sloppy practice of others websites of
> saying so mandatory when this is not.

It is not a "sloppy practice". It is that a login name is not very nice
to display, so a full name is asked.  

> 
> Telling to users to workaround this by giving incorrect information do
> not seems like a very good way to show we care about people. 

It is not giving incorrect information, it is giving the name the user
wants to be called.



More information about the Mageia-sysadm mailing list