On 17/02/15 09:32 -0800, Stefano Maffulli wrote:
Changing the subject since Flavio's call for openness was broader than just private IRC channels.On Tue, 2015-02-17 at 10:37 +0000, Daniel P. Berrange wrote:If cases of bad community behaviour, such as use of passwd protected IRC channels, are always primarily dealt with via further private communications, then we are denying the voters the information they need to hold people to account. I can understand the desire to avoid publically shaming people right away, because the accusations may be false, or may be arising from a simple mis-understanding, but at some point genuine issues like this need to be public. Without this we make it difficult for contributors to make an informed decision at future elections.You got my intention right: I wanted to understand better what lead some people to create a private channel, what were their needs. For that objective, having an accusatory tone won't go anywhere and instead I needed to provide them a safe place to discuss and then I would report back in the open. So far, I've only received comments in private from only one person, concerned about public logging of channels without notification. I wished the people hanging out on at least one of such private channels would provide more insights on their choice but so far they have not.
Right, but that isn't a valid point for a private, *password protected*, IRC channel.
Regarding the "why" at least one person told me they prefer not to use official openstack IRC channels because there is no notification if a channel is being publicly logged. Together with freenode not obfuscating host names, and eavesdrop logs available to any spammer, one person at least is concerned that private information may leak. There may also be legal implications in Europe, under the Data Protection Directive, since IP addresses and hostnames can be considered sensitive data. Not to mention the casual dropping of emails or phone numbers in public+logged channels.
With regards to logging, there are ways to hide hostnames and FWIW, I believe logging IRC channels is part of our open principles. It allows for historical research - it certainly helpped building a good point for this thread ;)- that are useful for our community and reference for future development. I don't think anyone reads IRC logs everyday but I've seen them linked and used as a reference enough times to consider them a valuable resource for our community. That said, I believe people working in a open community like OpenStack's should stop worrying about IRC logged channels - which I honestly believe are the least of their "openness problems" - and focus on more important things. This is an open community and in order to make it work we need to keep it as such. Honestly, this is like joining a mailing list and worrying about possible leacks in "logged emails".
I think these points are worth discussing. One easy fix this person suggests is to make it default that all channels are logged and write a warning on wiki/IRC page. Another is to make the channel bot announce whether the channel is logged. Cleaning up the hostname details on join/parts from eavesdrop and put the logs behind a login (to hide them from spam harvesters). Thoughts?
I've proposed this several times already and I still think some consistency here is worth it. I'd vote to enable logging on all channels. Fla. P.S: Join the open side of the force #badumps -- @flaper87 Flavio Percoco
pgp6m7o2MC6PB.pgp
Description: PGP signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev