X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/2a64eea0f51a431abe9c0a7c73a61f3177977790..c00119319be10ac42737118880c167e4eb722abf:/doc/todo/separate_authentication_from_authorization.mdwn diff --git a/doc/todo/separate_authentication_from_authorization.mdwn b/doc/todo/separate_authentication_from_authorization.mdwn index 389f014c9..1eca0dced 100644 --- a/doc/todo/separate_authentication_from_authorization.mdwn +++ b/doc/todo/separate_authentication_from_authorization.mdwn @@ -12,6 +12,11 @@ owner (and maybe their outsourced service providers), but not available to random third parties. The principle of least astonishment would suggest that we should do the same here. +> This part is now addressed by cloaking email addresses: +> `smcv@debian.org` → `smcv@02f3eecb59311fc89970578832b63d57a071579e` +> (that's the sha1sum of `mailto:smcv@debian.org`, as used in FOAF). +> --[[smcv]] + (The expectation of privacy for direct git commits is rather different: I think we can expect direct git committers to know that they should either set a plausible non-email-address in their git identity,