Not have a real-name policy. Identity is too complex a concept to be reduced to simple data structures, no matter how much us engineers desperately want to.
If one is concerned about impersonation, attack impersonation - impersonation can and will happen even with a strongly-enforced real-name policy (name changes, anyone?). Empower support to deal with impersonation on a case-by-case basis.
Open-endedness in this sort of enforcement can be risky, but it's certainly better than the "baby with the water" policy the way it is right now.
If one is concerned about impersonation, attack impersonation - impersonation can and will happen even with a strongly-enforced real-name policy (name changes, anyone?). Empower support to deal with impersonation on a case-by-case basis.
Open-endedness in this sort of enforcement can be risky, but it's certainly better than the "baby with the water" policy the way it is right now.