The logic as it is now is fairly straightforward: 1st check: all-numeric, always rejected 2nd check: ieee 1003.1-2001, minimal requirements [0] 3rd check: user-configurable *NAME_REGEX 4th: (possible override --allow-badname)
The docs desribe --force-badname as "weak checks applied"; this could be clarified, but I don't think its urgent. As I write this, the most confusing part is that there are three separate checks for all-numeric names; I have a patch to simplify this. Cheers, Matt [0] this ties us to ascii mostly alpha-num usernames, obviously. I think it is okay to have a sanity check hard-coded to limit user's creativity here, at least until we support anything wider.
signature.asc
Description: This is a digitally signed message part
