= Username Policy for trac-hacks.org = For reasons and ongoing discussion please visit and participate in #10092 . == Valid usernames == === Rules === ==== Formal Part ==== 1:: number of characters: 5 .. 30 allowed > rationale: lower limit helps i.e. with most common acronyms, company names and Trac version numbers > rationale: upper limit is a bit arbitrary here, but nevertheless should exist 2:: contains maximum of 3 characters repeated in a row > rationale: depreciate something like 'aaaaa', as we already witness several examples for that 3:: contains maximum of 3 numeric characters > rationale: depreciate phone numbers or PGP key-IDs 4:: no space in-between (use '_' instead) > this might be obsolete - need to look more closely to registration core for this 5:: doesn't contain some blacklisted character sequences, i.e.: 'test' 6:: brands > World-wide there are strong feelings about brands, and we'd better steer clear of even the possibility of getting involved into infringement accusations of any kind ASAP. 7:: new usernames must not differ from any existing username only by casing ==== Informal Part ==== * Unicode chars allowed - planned after upgrading to Trac 1.0 > a phonetic/all-latin transcription is strongly recommended on the user wiki page to ease developer conversation (commonly done in English) === Enforcement === Ideally we'll implement all rules in the registration procedure provided by AccountManagerPlugin. Current status: * 1: solution: use custom REGEXP like `username_regexp = r'(?i)^[A-Z0-9.\-_]{5,30}$'` (''since [11960]''), and mention actual username policy prominently, up-front elsewhere * 2: plan: use REGEXP combined with 1 * 3: plan: use REGEXP combined with 1 + 2 * 4: solution: use `username_char_blacklist = : []` - note the blank in-between * 5: plan: best to approach with a blacklist of character sequences, each on a line, read from a dedicated wiki page * 6: ''more discussion required'': not easily done by blacklisting or similar code, maybe moderation (#843) is the best approach here, but that would largely obsolete the other points and shift all the burden towards moderators, what might or might not be acceptable * 7: solution: all checks for a username duplicate are case-less (''since [11839]'') Of course that doesn't help for existing accounts, and we need to called the following users for clearance: [[ListTagged(username-clearance)]] Exceptions should all get documented openly. We must advertise at the mailing-list and send notifications to existing email contacts. If the user is not responsive within a reasonable amount of time, say 3 months, we'll close the account and remove it after another 3-month-period. {{{#!comment deleted accounts (preparing a blacklist) ||username ||email ||last login ||sniffer ||margo@papasan-chair-cushion.com || 2013-06-16 07:01:20 UTC }}} == Exceptions == === Procedure === === Case documentation === ==== Open ==== Reason given as reference to [#Rules rules] above * Anonymous - 6 * TestTest - 5 * TestUser - 5 * asix - 6 see: www.asix.com.tw ==== Settled ==== * Andi - a * TimN - b, c * aamk - a * ajo - a * anbo - a * andi - a Reasons by number: a:: plugin author/maintainer or developer who actually did commits to t-h.o repository b:: persons clear name/contact is matching username c:: valid link to homepage