diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/2011-March/003005.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/2011-March/003005.html | 253 |
1 files changed, 253 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2011-March/003005.html b/zarb-ml/mageia-sysadm/2011-March/003005.html new file mode 100644 index 000000000..ac4eb417a --- /dev/null +++ b/zarb-ml/mageia-sysadm/2011-March/003005.html @@ -0,0 +1,253 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1 + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5BRPM%5D%20cauldron%20core/release%0A%20tagtool-0.12.3-2.mga1&In-Reply-To=%3C1299185199.14742.64.camel%40akroma.ephaone.org%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="003003.html"> + <LINK REL="Next" HREF="003006.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1</H1> + <B>Michael Scherer</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5BRPM%5D%20cauldron%20core/release%0A%20tagtool-0.12.3-2.mga1&In-Reply-To=%3C1299185199.14742.64.camel%40akroma.ephaone.org%3E" + TITLE="[Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1">misc at zarb.org + </A><BR> + <I>Thu Mar 3 21:46:39 CET 2011</I> + <P><UL> + <LI>Previous message: <A HREF="003003.html">[Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1 +</A></li> + <LI>Next message: <A HREF="003006.html">[Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1 +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#3005">[ date ]</a> + <a href="thread.html#3005">[ thread ]</a> + <a href="subject.html#3005">[ subject ]</a> + <a href="author.html#3005">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Le jeudi 03 mars 2011 à 18:17 +0100, nicolas vigier a écrit : +><i> On Thu, 03 Mar 2011, Michael Scherer wrote: +</I> +><i> > > I think that's not a problem here. We're not checking ID of people who +</I>><i> > > create accounts, so they can use the name they want to be called. +</I>><i> > +</I>><i> > Not yet. What about the day someone will propose to use gpg and the web +</I>><i> > of trust ( who is currently based on checking ID card ) for some stuff ? +</I>><i> +</I>><i> If we decide one day that we require signed gpg key, then we can discuss +</I>><i> that day the details of what kind of signatures we require. Today we +</I>><i> don't require anything like this. But it's possible to sign key without +</I>><i> checking ID card. GPG signature doesn't necessarily mean "this personn +</I>><i> has this official name", it can also mean "this is the real owner of +</I>><i> this email, and owner of this non-official name". +</I> +That's why I said "what if we use gpg _and_ the web of trust". Of +course, gpg alone do not requires this. The current system of web of +trust does. + +So while we do not do now, I wanted to highlight this would be something +to keep in mind. + +><i> > Problem is asking for Last name/First name. +</I>><i> > +</I>><i> > Identity.m.o will be used almost everywhere, like for example on the +</I>><i> > forum. +</I>><i> > +</I>><i> > Some people may find invasive to give Last name/First name especially +</I>><i> > for posting on a forum when compared to all others ( I checked several +</I>><i> > french forums, none requires giving anything except a email and a +</I>><i> > login ). +</I>><i> +</I>><i> Many forums require a username, and a display name. +</I> +I gave examples of those that do not requires anything when being +subscribed ( and later ), so I would appreciate that you give at least +one example ( cause all I tested didn't seems to mandate this on +registering ). + +Likely all of them propose to have a display name, none do requires it +( ie, using login is fine, not filling the vcard is fine too ). + +><i> If you open an +</I>><i> account on linuxfr for instance, you need to enter a login name, and a +</I>><i> full name (which doesn't have to be your real name). +</I> +Sorry to contradict you, but that's not required when subscribing : +<A HREF="https://linuxfr.org/compte/inscription">https://linuxfr.org/compte/inscription</A> + +( note that maybe this changed for the new version 2 weeks ago ) + +You can set a display name later ( and yes, the new interface now ask +for "first name/last name", I do not remind the old one ), but IIRC you +do not need to set it. That's the whole point, you are not forced ( or +at least, it was like this before ). + +On our web site, we do not explain much ( FAQ is not written yet, +privacy policy is a draft ), and we ask for 2 specific informations that +everybody will consider personal ( last name, first name ) to guess a +3rd one instead of simply asking the 3rd one ( display name ). + + +><i> And I think most +</I>><i> people on linuxfr don't use their real name, and they see no problem +</I>><i> being asked a full name. On almost all websites I know where users can +</I>><i> post messages, they are asked both a login name (which is sometime the +</I>><i> same as the email) and a display name. +</I> +The point is not "we should not let people use a display name", but "we +should not require last name and first name to create the display name". + +A display name is not the same as last name/first name. I do not know +how can I explain this more clearly :/ + +"The great gatsby" is a display name, but not a tuple (last name, first +name). +"Jay Gatsby" is a display name and a tuple (last name, first name). + + +><i> Even when you setup an email account, most email software will ask you +</I>><i> to enter a full name. If sending an email without a full name, I think +</I>><i> I remember that spamassassin will flag it as spam. +</I> +I guess this changed, because I checked my spam folder +, found 1 mail without anything in from except the mail, and here are +the check : +X-Spam-Status: Yes, score=11.3 required=5.0 + tests=BAYES_99, + DNS_FROM_RFC_DSN, + HTML_MESSAGE, + HTML_TITLE_SUBJ_DIFF, + MIME_HTML_ONLY, + PYZOR_CHECK, + RCVD_IN_BL_SPAMCOP_NET, + RDNS_NONE + +None of theses checks relate to From headers. + +><i> > +</I>><i> > So either we care about having this information ( for example for legal +</I>><i> > reasons ) and in this case, this must be clearly explained, and then we +</I>><i> > may have to be more stringent depending on requirements. In this case, +</I>><i> > we cannot say "you can enter what you want". +</I>><i> > +</I>><i> > Or we do not care about the personal information, then it should also be +</I>><i> > clear. And I see no clearer way to say "this is not required" that not +</I>><i> > requiring it upon creation of the account. +</I>><i> +</I>><i> The problem is that many software, like bugzilla, forums, or rpm changelogs +</I>><i> require a login name (only one word without spaces) or email, and a +</I>><i> display name. +</I> +I never said "display name is not fine". Just that we currently do not +ask clearly for it, because a display name is slightly different from +"last name" / "first name". + +Simply because there is 2 entries, and just one for a display name, so +most people will not make the connexion. Granted, most will give the +information without thinking, some will not, some will prefer to not +register at all. + +><i> I see no use to waste time to patch all those software to +</I>><i> add a special case (adding more complexity and more bugs) for the user +</I>><i> who doesn't want to set any display name, when a simple solution is to +</I>><i> simply set a name that is not your real name, if you want to hide your +</I>><i> real name. +</I> +Well, then we can simply say what I proposed : +- do not ask for last name/first name when we want something to +display. + +( unless that's required for technical reasons, in which case we should +clearly tell this, and looking at ldap schema, I fear this is the +case :/ ) + +We want people to be able to use display name because that's what +matter, and to change it, so let's just use that. If the rest is not +used, then we can simply not ask. + +><i> > +</I>><i> > IMHO, we should not adopt the sloppy practice of others websites of +</I>><i> > saying so mandatory when this is not. +</I>><i> +</I>><i> It is not a "sloppy practice". It is that a login name is not very nice +</I>><i> to display, so a full name is asked. +</I> +The sloppy practice is to ask for personal informations and say they are +required, when : +1) they are not what we want ( ie, we want a name to display and we may +not care about the rest, yet this is not what most people will infer +from the web site ) +2) they are not strictly required ( ie, it would work fine without it on +most web applications, it is just less pretty, that's hardly what I +would call a requirement ) + +><i> > +</I>><i> > Telling to users to workaround this by giving incorrect information do +</I>><i> > not seems like a very good way to show we care about people. +</I>><i> +</I>><i> It is not giving incorrect information, it is giving the name the user +</I>><i> wants to be called. +</I> +Then as I said, this should be clearly said. For now, this is not. Look +again at the website : <A HREF="https://identity-trunk.mageia.org/register">https://identity-trunk.mageia.org/register</A> + +I see no obvious mention that this will be used for displaying anywhere, +nor the way it will be used and displayed. + +Moreover we cannot correctly infer the way people want to have it +displayed in all cases since some people would prefer "michael scherer" +and some "scherer michael" ( for example, chinese do put family name +first <A HREF="http://en.wikipedia.org/wiki/Chinese_given_name">http://en.wikipedia.org/wiki/Chinese_given_name</A> , and afaik, we +don't in france ). Or some would prefer to add Dr, PHD, etc. + +So the way we do is not flexible enough. + +So here is my proposal : +Just ask for : +- login, +- email, +- display name + +And if display name is not filled, just use login. + +There is no invasive changes on applications ( or at least, none that we +didn't agreed to do in the past, cf +<A HREF="https://www.mageia.org/pipermail/mageia-sysadm/2010-November/000963.html">https://www.mageia.org/pipermail/mageia-sysadm/2010-November/000963.html</A> ), the only big issue is that ldap types requires sn/cn. + +But since nothing use the information yet ( IIRC ), we can either fill +this with login ( ie sn=login, cn=login ), and let people decide to put +what they want if they want later. Or we can tweak ldap to not ask for +this ( slightly more complex, but Buchan spoke of this ). + +-- +Michael Scherer + +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="003003.html">[Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1 +</A></li> + <LI>Next message: <A HREF="003006.html">[Mageia-sysadm] [RPM] cauldron core/release tagtool-0.12.3-2.mga1 +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#3005">[ date ]</a> + <a href="thread.html#3005">[ thread ]</a> + <a href="subject.html#3005">[ subject ]</a> + <a href="author.html#3005">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |