On 8/2/02 8:15 AM, "Bernie Cosell" <[EMAIL PROTECTED]> wrote:
> I think we are in roaring agreement on this matter. That's why I tried > to be careful to put *PUBLIC* whenever I mentioned relaying or archives. Or as some of my bosses like to say, we're in violent agreement (again) > If you're running a *restricted* archive, Unfortunately, I don't know how you can do anything else any more. Which creates another conflict, because that archive is a useful resource, so I feel it needs to be made as available as you can, but at the same time, the email addresses in it are a personal identifier that requires protection. >From the POV of a mailing list, I think having the archives spidered by google and company are a very good thing -- branding and marketing stuff. Good content attracts good people. But that's where harvesting starts, too. So... > So I guess I hear the message, but I'd have expressed it differently: in > this day and age, you can no longer have really 'public' lists, as we did > back in the dark ages, Times have changed, and until we hunt down and kneecap all the script kiddies... Sigh. But yes, that's basically true. In Ray Bradbury's books, nobody locked a front door. Now, nobody talks to their neighbors. > impose various restrictions on how both the listmembers and the public > can use and access both the list and the archives, and part of *that* is > not allowing listmembers to evade the restrictions [whatever they happen > to be for YOUR list] by taking local actions. You have to do one of a few things: Not care and/or not try. And in some cases, that might be appropriate or acceptable. That's just Not Me. Restrict usage. But this creates other conflicts. And frankly, I've grown increasingly uncomfortable with the concept of the mailing list as armed refugee camp. I LIKE talking to my neighbors. But to date, it's been what we had available. Do Something Else. What we're bandying around at work is to basically "fix the archives", only in this case, we're sort of using fix in the "friendly veterinarian way". Rather than restrict usage of the archives, restrict what comes out of it, by dynamically cloaking the sensitive content as it leaves the system. Then, the only restriction we need to make is "you can't subscribe to the list and create your own PUBLIC archive". Which still doesn't solve gmane's "problem". So we're actually talking about whether it makes sense to create a "pre cloaked" feed of the lists, so anyone who wants to make an archive can subscribe to THAT archive, knowing it's "safe" as we define safe. In other words, if you use that feed, we're saying you'll never get in trouble with us, because we took responsibility for cleaning it up before it left the site. And that, I think, is where this needs to move. Back to technology, instead of permissions. And that means making sure that the data that leaves your site is in a form you can lose control over without getting stressed over it. Barry, JC and some others have been doing some noodling at integrating TMDA (an address obscuring and whitelisting tool) into Mailman. The idea being that even addresses coming from the server are obscured (except for russ') and replies to a user go through the list server and the whitelist. That basically puts the server in charge of ALL interactions between list users, although users can choose to drop out of the system, obviously. But it means that you no longer have to try to control content after it leaves the server. It's safe. That has it's own challenges, but at least it opens up lists into more of a "welcome, boys!" place again, instead of the increasingly paranoid, closed circles I think we're being forced into.... > So I see that I need a perception adjustment... I'm still stuck in the > past on some of these policy matters and haven't fully internalized the > realities and necessities of the way things are now. As we all are. Most of this is stuff that had no real visibility two years ago. Or even a year ago. It wasn't too long ago folks thought I was crazy for password protecting email archives (some probably still think so...) But, you know? I remember when we thought nothing of putting home addresses and phone numbers in messages. I remember a time when I would post "party at my place" messages to net.general, and we'd get together and party. Can you imagine the riot that'd happen now? It's just more of the exploration into how to be available and in contact, but still be able to manage your privacy. I expect we'll be working that issue for years to come. It's funny, though, how a little privacy well placed makes it a lot easier to be public and accessible. Seems counter-intuitive, but it looks to be true. -- Chuq Von Rospach, Architech [EMAIL PROTECTED] -- http://www.chuqui.com/ Someday, we'll look back on this, laugh nervously and change the subject.
