I’ve never liked the idea to tie an email address to my commits for privacy reasons, but of course I want to be linked somehow to my work. Would it be possible to rely on the key-pair used to sign commits instead? To avoid users claiming other users’ work by copy-pasting public keys in their profiles The Nest should check that a person really owns a given public key by asking to sign some random string before accepting it.
Could something like this work? I think I would like it more than GitHub’s solution (it generates a no-reply email for users that don’t want to make email addresses public).