On Wed, Mar 9, 2011 at 7:12 AM, Nick Coghlan firstname.lastname@example.org wrote:
Please don't blame the PSF for the inadequate state of digital signature technologies and their uncertain place in law.
What we *could* do though, is have a better explanation of the reasons behind the relatively archaic process for submission of contributor forms.
Alternatively, something that occurred to me is that every core dev *must* set up SSH correctly to push changes. So why not have a text version of the form and require people to push a signed copy of their completed form as a text file to that repository before their access to the main repository is switched on?
We're relying on the SSH keys to identify submitters of contributions, so sure we could rely on them for the form sign-off as well...