Re: [Hdaps-devel] [PATCH 01/12] thinkpad_ec: New driver for ThinkPad embedded controller access

From: Shawn Starr
Date: Sun Aug 06 2006 - 20:58:36 EST

On Sunday 06 August 2006 6:08 pm, Shem Multinymous wrote:
> Hi Ted,
> Thanks for the explanation. Point taken, though I can't help parsing it as:
> On 8/6/06, Theodore Tso <tytso@xxxxxxx> wrote:
> > For legal reasons, we need a way to to contact and identify the author
> > in the real world, not just in cyberspace, and a pseudonym doesn't
> > meet that requirement.
> "We want to be able to sue you if they sue us."
> Which is actually not a problem for me (i.e., I don't believe I have
> nothing to worry about legally); but I do have other, non-legal
> considerations.
> > just as the fact that we aren't requiring ink signatures and public
> > notary checks doesn't mean we shouldn't stop doing what we are doing.
> Understood, but still a bit silly. You have no idea how many of the
> 2252 people in `git-whatchanged | grep Signed-off-by: | sort | uniq`
> gave their legal name, and I doubt you could contact most of them in
> the real world without their cooperation (and with my cooperation, you
> could contact me too). Heck, some of those email domains don't even
> resolve. So this "chain of responsibiliy" is pretty worthless if
> someone really tries to inject legally malicious code into mainline,
> i.e., you end up blindly trusting people anyway.
> BTW, Ted, we actually have met in person. :-)
> Shem

This is where GNU PGP keys can help. If more people used them, as a trust
mechanism it would help people trust people more. Otherwise, what's the point
of these keysignings? :-)

I don't mind providing my PGP key if it helps people recognize I am who I am
via email and signed patches.


Attachment: pgp00000.pgp
Description: PGP signature