-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 One of the main reasons for this kind of requirement is to ensure that the project stays in legal compliance, and that the provided code is in fact licenseable. Without a record of the real copyright holder of any given part of the codebase, it is far more difficult know if the code provided is tainted (think vendor employee stealing code and submitting it for includsion).
Not knowing who contributed code also makes license enforcement problematic, as it could be argued there is no known copyright holder. This opens a whole new can of worms, as without the release of copyright from the real holder the work defaults to All Rights Reserved status under at least US law and I think the Berne convention as well. On 03/05/2018 03:13 PM, [email protected] wrote: > I can't understand as to why doing a git commit requires your "real" > name and while I could simply make something up I instead I wish to > protest this policy and hear out a justification for it. > > This is a project with a main goal of improving security however having > your name on the internet is almost always going to be bad security. > - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJanbR3AAoJEK+E3vEXDOFbfYMH/3Qie1ip2fphBOzjRT/U3o5E QDoQlGUx5Ajha/FL0vefSfUnTWCtVGL07mf6taUPSHTtr4VMzYBodRcElRi7OW20 FFg5pH3agJjHpDkd6KNZK7jirZCjRM4lbM8Vw+SeRcibKTAiQwJJr+MD+yWdJlJh IitJsITfJRqw74DI8RZaohdYbCmMk26FxgQo5pKF2iiPTkfSBgSsL7+SJ1XvgeFb 4BhKvYbP2hRdMFcq003x/1Faw2q2JmgSnZTA8d+9jumOfkYBEjFDZElwX2JUR7kf G4pxTH3IOKbpXeFh/Af6lt4aFNMcw9KoHhVAJjR4PFUIUUGqYkSw9cy6otB3FPM= =wfuP -----END PGP SIGNATURE----- -- coreboot mailing list: [email protected] https://mail.coreboot.org/mailman/listinfo/coreboot
