On Thu, 08 Mar 2012 17:09:17 -0800
"Karsten 'quaid' Wade" <kwade(a)redhat.com> wrote:
I understand what you are saying. We have to balance personal rights
with the rights of the community to know who they are entrusting. The
"know who" in an online world comes about by interacting with people,
building trust, and so forth.
In a simplistic sense, is what you are suggesting is that all FAS
information be a secret that only a few sysadmins can access? Those
sysadmins would be the centers of a trust web - I would have to trust
those sysadmins that there are real people who can be reached (via
email, for example) behind usernames.
In order to contact another user who I hadn't personally traded
addresses with, I would have to use perhaps a web interface? Or would
username(a)fedoraproject.org still be accessible information?
I don't think making 'username' private is practical or desirable.
Our community is a meritocracy (or we would at least like it to be).
Without some identifier for a persons actions and accomplishments, we
can't know who should be allowed to do more or less based on merit.
From a technical side, virtually all our tools would stop working or
become useless. ;) Imagine filing a ticket and thinking, "Hey, someone
could fix this, if I only could add them to the ticket to look, oh
> Further, speaking for myself, when I signed up years ago, I did
> not realise that: a. I could not change my username after sign up
> b. That this information was going to be public. Of course then,
> legally "you" would say, well we had this 100 page document in our
> terms and conditions, but does that make it right ?
I'm unclear here - are you saying it is not your responsibility to
read and understand terms and conditions of websites you sign up for?
If it is not your responsibility, whose is it?
If the document truly were 100 pages ... but I've always seen Fedora
strive for brevity in all legal documents.
Yeah. This has also been changed...
if you sign up for a new account now there is a large banner at the
NOTE: Username is permanent (i.e. it cannot be changed after
registration and will never be deleted from the system). Personal
information may be updated or removed at any time.
So that use case I suspect won't happen unless you or someone
rewrites FAS to allow for it.
Yeah, renaming is a great deal harder than it seems.
Not only do you need to just rename the user, but you have to update
all groups, change ownership of any files on any machines the old
username had, etc.
Additionally, it breaks audit trail.
Say I sign up as 'phred' and gain a bunch of abilities, and I work on a
bunch of things, then rename my account to 'phredq'. Unless there's a
clear and easy to follow audit trail there, if I come along and see
something 'phred' did I have no way to contact them or know who they
...snip good questions and answers...