On 12/08/2015 12:54, Gregory Farnum wrote:
> On Mon, Aug 3, 2015 at 11:10 PM, Loic Dachary <l...@dachary.org> wrote:
>>
>>
>> On 03/08/2015 21:18, John Spray wrote:
>>> On Fri, Jul 31, 2015 at 8:59 PM, Loic Dachary <l...@dachary.org> wrote:
>>>> Hi Ceph,
>>>>
>>>> We require that each commit has a Signed-off-by line with the name and
>>>> email of the author. The general idea is that the Ceph project trusts each
>>>> developer to understand what it entails[1]. There is no formal
>>>> verification: the person submitting the patch could use a fake name or
>>>> publish code from someone else. In reality the odds of that happening and
>>>> causing problems are so low that neither Ceph nor the Linux kernel felt the
>>>> need to impose a more formal process. There is no bulletproof process
>>>> anyway, it's all about balancing risks and costs.
>>>>
>>>> If a contributor was using an alias that looks like a real name (for
>>>> instance I could contribute under the name Louis Lavile), (s)he would go
>>>> unnoticed and her/his contribution would be accepted as any other. If the
>>>> same contributor was using an alias that is obviously an alias (such as A.
>>>> Nonymous), it would raise the question of accepting contributions
>>>> Signed-off with an alias.
>>>>
>>>> I think Ceph should accept contributions that are signed with an alias
>>>> because it does not make a difference.
>>>>
>>>> From a lawyer's perspective, there is a difference between an alias and a
>>>> real name, of course. Should the author be in court, (s)he would have to
>>>> prove (s)he is the person behind the alias. If (s)he was using her/his
>>>> real name, an ID card would be enough. And probably other differences that
>>>> I don't see because IANAL. However, since we already accept Signed-off-by
>>>> lines that are not formally verified, we're already in a situation where we
>>>> implicitly accept aliases. Explicitly accepting aliases would not change
>>>> that, therefore it is not actually something we need to run by lawyers
>>>> because nothing changes from a legal standpoint.
>>>>
>>>> What do you think?
>>>
>>> (Without any legal knowledge whatsoever, and speaking in general terms
>>> rather than about any particular code or vendor's practices or
>>> products)
>>
>> In these matters the project lead needs to make a decision that makes sense
>> and then ask a lawyer to implement it. We don't need to be lawyers to do
>> that.
>>
>>>
>>> My understanding is that projects use a Signed-off-by line for the
>>> contributor to certify that they agree with the "Developer's
>>> Certificate of Origin".
>>>
>>> The purpose of a certificate of origin is that if I am distributing
>>> AcmeProject packages, and EvilCorp says "hey, we found our highly
>>> patented code in your package!" then I can say "actually this was
>>> submitted by Elizabeth Windsor <l...@buckinghampalace.org>, who
>>> certified to me that she had the rights to the code. I can thus
>>> demonstrate that the original infringement was by her, and any
>>> infringement in my distribution of the software was accidental, I
>>> acted in good faith."
>>>
>>> OTOH if I said "That code was contributed by A. Nonymous", then
>>> EvilCorp would say "Well, that could just as easily have been one of
>>> your own developers, acting anonymously, so you have not demonstrated
>>> that the infringement was unintentional".
>>>
>>> So in my opinion, any project wishing to apply a
>>> "certificate of origin" process also needs to have a real name policy.
>>
>> If that was indeed what a Signed-off-by does, I would also be against using
>> aliases. In reality a Signed-off-by is nothing more than a convenient means
>> to get in touch with someone who claimed to be the author of a patch.
>>
>> The companies making and distributing Free Software using Signed-off-by like
>> Ceph does do not even attempt to verify that the person behind the
>> Signed-off-by really is who (s)he claims. I don't think that's because they
>> have been careless for the past decade. I think that's because it would not
>> make a significant difference and that it would be a burden to the project.
>> The company lawyers would certainly claim that it would be better to verify
>> the identity for each Signed-off-by. But in practice they don't push for it,
>> not even for the Linux kernel, which went into more legal troubles than any
>> other Free Software project.
>>
>> My point is that there could already be a dozen aliases that look like
>> real names in the current Signed-off-by list. Explicitly accepting aliases
>> that look like aliases would just be an acknowledgement of what we already
>> do.
>
> I won't be merging any code with obvious aliases for exactly the
> reasons John mentions. Obviously IANAL, but I think you'll find law
> proceedings in the USA would look much less kindly on accepting
> obvious aliases versus having a real name policy — which we do, even
> if it's not diligently checked.

It would be more accurate to say it is not checked at all. And it is the same for the Linux kernel.

> Keep in mind that we generally have a
> background on our contributors to track them down even if they are
> using a non-obvious alias.

As of today the Ceph repository has 427 contributors and 96 of them authored more than 10 commits. I would not be surprised if one of them was an alias. The only background check we do is when asking a new contributor about his affiliation to an organization (see http://tracker.ceph.com/projects/ceph/wiki/Ceph_contributors_list_maintenance_guide). 41 contributors declared that they are not affiliated to any organization and we did not investigate further. Nor do I think we should.

You have a point: we know the vast majority of contributors, one way or the other. It is a small world :-)

If a contributor you know insisted on contributing using an alias, for ethical reasons, would you turn her/him down? Wouldn't it be better for you to be able to vouch for her/him somehow?

Cheers

> -Greg

-- 
Loïc Dachary, Artisan Logiciel Libre