From nobody Sat Feb 7 22:48:30 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1729590088653791.6571020636937; Tue, 22 Oct 2024 02:41:28 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 8D07518F3; Tue, 22 Oct 2024 05:41:27 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 75BA118C7; Tue, 22 Oct 2024 05:41:03 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id AAB3E18B7; Tue, 22 Oct 2024 05:41:00 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id B684E18B0 for ; Tue, 22 Oct 2024 05:40:59 -0400 (EDT) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-599-uszcMTOpO_afjgGnOZdnYw-1; Tue, 22 Oct 2024 05:40:57 -0400 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 9D27C1955F3E for ; Tue, 22 Oct 2024 09:40:56 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.59]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 76E31300018D; Tue, 22 Oct 2024 09:40:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1729590059; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9ntb4RDaKZn/n/QITNBwHhHFBWL3u0C74B0cwFiHcQE=; b=XxQfRScXHWJHH2bCM8smUN/muSNqOT4pbCmzKmKyrd+VrlLJ8UnuxgpP8kbJlEyQi6LuA3 5N0kMYuGGuz9CY2GJ6ahF3JKFx/srTimNUaCF52ui6pDu3X8rL59pK3yXJXSV0vwFumWpx B4kQPjHzUuoZmHWR2ptaoPT1SUD49hk= X-MC-Unique: uszcMTOpO_afjgGnOZdnYw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: devel@lists.libvirt.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Subject: [PATCH] docs: permit a user's chosen identity with SoB Date: Tue, 22 Oct 2024 10:40:53 +0100 Message-ID: <20241022094053.1544983-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: IMSKHGAPULKZK2W334XVLSAUWWTYQSTI X-Message-ID-Hash: IMSKHGAPULKZK2W334XVLSAUWWTYQSTI X-MailFrom: berrange@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1729590089744116600 Content-Type: text/plain; charset="utf-8" The docs for submitting a patch describe using your "Legal Name" with the Signed-off-by line. In recent times, there's been a general push back[1] against the notion that use of Signed-off-by in a project automatically requires / implies the use of legal ("real") names and greater awareness of the downsides. Full discussion of the problems of such policies is beyond the scope of this commit message, but at a high level they are liable to marginalize, disadvantage, and potentially result in harm, to contributors. TL;DR: there are compelling reasons for a person to choose distinct identities in different contexts & a decision to override that choice should not be taken lightly. A number of key projects have responded to the issues raised by making it clear that a contributor is free to determine the identity used in SoB lines: * Linux has clarified[2] that they merely expect use of the contributor's "known identity", removing the previous explicit rejection of pseudonyms. * CNCF has clarified[3] that the real name is simply the identity the contributor chooses to use in the context of the community and does not have to be a legal name, nor birth name, nor appear on any government ID. Since we have no intention of ever routinely checking any form of ID documents for contributors[4], realistically we have no way of knowing anything about the name they are using, except through chance, or through the contributor volunteering the information. IOW, we almost certainly already have people using pseudonyms for contributions. This proposes to accept that reality and eliminate unnecessary friction, by following Linux & the CNCF in merely asking that a contributors' commonly known identity, of their choosing, be used with the SoB line. [1] Raised in many contexts at many times, but a decent overall summary can be read at https://drewdevault.com/2023/10/31/On-real-names.html [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/comm= it/?id=3Dd4563201f33a022fc0353033d9dfeb1606a88330 [3] https://github.com/cncf/foundation/blob/659fd32c86dc/dco-guidelines.md [4] Excluding the rare GPG key signing parties for regular maintainers Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Peter Krempa --- docs/governance.rst | 6 +++--- docs/hacking.rst | 9 ++++++--- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/docs/governance.rst b/docs/governance.rst index 44dd54d4a0..04bb739237 100644 --- a/docs/governance.rst +++ b/docs/governance.rst @@ -112,9 +112,9 @@ There are no special requirements to becoming a contrib= utor other than having the interest and ability to provide a contribution. The libvirt project **= does not require** any *"Contributor License Agreement"* to be signed prior to engagement with the community. However for contributing patches, providing= a -'Signed-off-by' line with the author's legal name and e-mail address to -demonstrate agreement and compliance with the `Developer Certificate of -Origin `__ is required. +'Signed-off-by' line with the author's chosen name and e-mail address to +demonstrate agreement and compliance with the `Developer Certificate +of Origin `__ is required. =20 In making a non-patch contribution to the project, the community member is implicitly stating that they accept the terms of the license under which t= he diff --git a/docs/hacking.rst b/docs/hacking.rst index c2e79e4501..825b8b83d2 100644 --- a/docs/hacking.rst +++ b/docs/hacking.rst @@ -83,9 +83,12 @@ Contributors to libvirt projects **must** assert that th= ey are in compliance with the `Developer Certificate of Origin 1.1 `__. This is achieved by adding a "Signed-off-by" line containing the contributor's name -and e-mail to every commit message. The presence of this line -attests that the contributor has read the above lined DCO and -agrees with its statements. +and e-mail to every commit message. The name should be the identity +the contributor has chosen to be known as in the context of the +community. It does not need to be a legal name, nor match any +formal ID documents, but should not be anonymous, nor misrepresent +who you are. The presence of this line attests that the contributor +has read the above linked DCO and agrees with its statements. =20 Further reading =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --=20 2.46.0