Screen names vs real names

I don't really mean to single out you, — but a number of the comments here reflect what I perceive to be a kind of "computer engineer's autism" ... a notion that things are binary, that a preventative measure either works in an absolute, quasi-mathematical sense, or its worthless.

But the world doesn't fit into nice little binary boxes like that. It's quite possible for someone to join a project with fully honest intentions and only to later decide to do something dishonourable, perhaps inspired by some dispute or the like. Of course, they're less likely to do so if they'd given their real name at the start, taking the risk of real repercussions. So even if you do _nothing_ more than to ask for a real name and perform no validation that does provide a value. It's not an absolute proof: nothing is... Just an additional piece of confidence that costs most people very little.

... and does the FSF really want important contributors who need to hide their connection? For their sake and the FSF's it would probably better if someone who needs to hide their affiliation didn't contribute in that way. Anonymity is a powerful and important tool, but it is often a danger: Under the believed guise of anonymity we'll engage in activities we would otherwise deem to risky. Should that anonymity be shattered we regret our decisions to depend on it.

Of course, people do manufacture multiple online identities. I've seen quite a few instances of people building up multiple admin accounts on the English Wikipedia— each representing at least a hundred hours of work, if not several hundred, building social connections, community trust, and making useful contributions to the encyclopaedia. Are they more likely to just make up another 'real name' than build a virtual reputation? I don't know— asking for a real name doesn't do much against someone who came in with an intent to defraud. Like the locks on most doors and containers, asking for a name helps keep honest people honest. I think it's obvious that if you ask for both a real name and a virtual reputation you get a superior protection compared to doing either alone.

It might be the case that the FSF should be doing more detailed identity-validation... I don't know what they do today, as I know too many FSF people fairly personally, and I don't have a good feel for what level would be sufficient for their needs. But I do think we need to reject these binary notions of security. The world's problems have infinite shades of grey, and our tools needs to be as numerous and varied if we are to address these issues. Regardless of how lossy the existing process is that lossyness is an argument for strengthening it, not for abandoning the protection it currently provides, however small.