Re: GR: Declassifying debian-private: second call for votes
Ian Jackson dijo [Mon, Oct 17, 2016 at 02:16:15PM +0100]: > Charles Plessy writes ("Re: GR: Declassifying debian-private: second call for > votes"): > > out of context, it is hard to chose between the options that each of you are > > presenting in this GR. > > > > Could you briefly rebut each other's options ? I think that it would help > > a > > lot. Hi Charles, and thanks for this question. I'm answering to Ian's message, as I mostly agree with him, but there are several points where we have different points of view. First and foremost, let me be clear: I do *not* believe my option is the best. But I stated my preference to have it *available on the ballot* instead of replacing its text altogether, as happened in the August GR. I helped Nicolas draft the original text, and while it is ambiguous, it has a strong virtue over the status quo: It saves us from lying, it cleans our face by saying "we would love to, but we failed". > I support both Option 2 ("Acknowledge difficulty", my proposal) and > Option 3 ("Remain private", Iain's proposal). I firmly oppose > Option 1 ("Repeal previous GR", Gunnar's). > > I think Option 1 is quite bad. I will rank option 1 below the FD (ie > the status quo). I recommend everyone else do so. I voted 312-, that means, I prefer Ian's option, then Iain's, then mine, then FD. I really hope this will be aligned with the rest of the project — but I strongly prefer the gray area where declassification is not-strictly-but-kindof-authorized-or-maybe-not to the listmasters to staying firm by a promise we don't intend on keeping. I do not think that the existence of d-private breaks our SC's promise not to hide our problems, and as many others have stated, I recognize there will always be the possibility of private communication between groups of individuals. So, repealing the 2005 GR basically acknowledges that there might a group of individuals, a strict subset of the DDs, that have a common place to talk to each other (while they try to refrain from doing so whenever possible). > I doubt that listmaster will be pleased to enter this fray. Our > listmasters are sensible people who will not want to act in such a > controversial area, when their authority is doubtful. Let me embrace this half-paragraph. When coming to a vote decision, I *hope* we can all remember the good work done by our listmasters, and stop pretending they will breach the project's trust and confidence, even if they were able to. > So this question will drag on with occasional rumblings, perhaps > for years. The dispute might finally be ended only by a second GR. Second? Fourth, rather. > Please vote Option 1 below Further Discussion, or at least below > both Option 2 and Option 3. That's our main disagreement. I see value in "just" repealing the 2005 GR. I think the reason the August GR failed is because it replaced a "decently good" text with a "better but worse" one — By listing declassification actions, some people felt threatened by the wording of the proposed status-quo, or felt it could threaten privacy in the future given a set of conditions. Not having an imperfect-but-better-than-FD option such as the original propoal, slightly over a majority of DDs voted against the GR. I honestly hope options 2 or 3 win, but would be content if the one I proposed does. > If you feel that benefits of possible improvements to the transparency > of -private are negligible, or that they are outweighed by the risk of > madness on the part of listmaster, or even by the necessary > discussions (arguments) about the shape of such a scheme, then you > should rank 3 ahead of 2. > > For you, then, Option 1 is very bad. If you don't have confidence in > our current and future listmasters, not do do something bad, then > leaving listamster with a wide but disputed authority is precisely the > risk you would want to avoid. Right. As I do trust the people in the project, and I trust listmasters not to snap and start publishing d-private "just because", I don't see this risk as particularly compelling. Greetings, signature.asc Description: Digital signature
Re: GR: Declassifying debian-private: second call for votes
Charles Plessy writes ("Re: GR: Declassifying debian-private: second call for votes"): > out of context, it is hard to chose between the options that each of you are > presenting in this GR. > > Could you briefly rebut each other's options ? I think that it would help a > lot. Of course. I support both Option 2 ("Acknowledge difficulty", my proposal) and Option 3 ("Remain private", Iain's proposal). I firmly oppose Option 1 ("Repeal previous GR", Gunnar's). I think Option 1 is quite bad. I will rank option 1 below the FD (ie the status quo). I recommend everyone else do so. So, firstly, the big problem with Option 1: If Option 1 wins, no-one can be sure what that collective decision actually means. Some people have said that they think that without the 2005 GR, decisions about list management simply revert to listmaster. Other people have said that after a repeal of the 2005 GR, listmaster have no authority to invent a new declassification process. I think this would be worse than the current situation. There have been a few concrete proposals (to -project and elsewhere), for ways to improve things. There have been some vigorous defences of transparency (and vigorous criticisms of the status quo). There have been proposals (for example) to publish historical traffic data (which is currently secret). When this GR is out of the way, I think some of those contributors who care a lot about improving our transparency will want to revisit this issue. They will say that in the absence of the specific directions from the 2005 GR, listmaster has the power to regulate debian-private (subject to the usual principles of consultation, in the Constitution). They will argue that the Social Contract requires listmaster to do so. I think all of these are quite reasonable points of view; and without a clear statement from the GR about where the majority of the projects' opinion lies, who is to say that these contributors are wrong ? I doubt that listmaster will be pleased to enter this fray. Our listmasters are sensible people who will not want to act in such a controversial area, when their authority is doubtful. So this question will drag on with occasional rumblings, perhaps for years. The dispute might finally be ended only by a second GR. This will be stressful and threatening for those who value privacy; particularly, it will be stressful for those who are concerned about messages they have already posted, in the expectation that the GR; it will be frustrating and unproductive for those who want more transparancy; it will put an unreasonable burden on listmaster; and it will risk wasting our emotional energy on disputes about procedure and authority. Please vote Option 1 below Further Discussion, or at least below both Option 2 and Option 3. Then, on to the choice between Option 2 and Option 3: Both Options 2 and 3 explicitly honour the privacy expectations established by the 2005 GR. Both Options 2 and 3 retract the broken promise of declassification. Both Options 2 and 3 prohibit the unwanted declassification of messages: that is, people are not, in general, at risk of their messages being published against their expressly stated wishes. The main difference is that Option 3 would make it impossible to invent, or experiment with, new ways of handling -private in the future. That would be a shame. There are some threads on -private which I think the participants would be quite happy to see declassified at an appropriate time (for example ones discussing security vulnerabilities). Several people have suggested forms of subject-line tagging, for example, which might make that possible, while still allowing people to post messages which will never be disclosed. I don't know whether any such schemes are feasible, or would command consensus support, or would be used in practice if they were implemented. But I would like it to be possible to consider them, try out any that find favour, and either keep and improve them, or retire them. If Option 3 wins, such ideas are almost entirely blocked. They would require a new GR. Developing a scheme in the context of a GR Discussion is a bad idea. Even if the scheme could be developed separately and ratified by a GR, it would then be set in stone. There is another more minor difference. Option 2 leaves open the possibility that something like the 2005 GR process could be used to declassify particular messages or threads of historical interest, if someone has the effort to do do so. So I will be voting: 2 > 3 > FD > 1 Ie, ranking the options in this order Option 2 "Acknowledge difficulty" Option 3 "Remain private" Further Discussion (aka Status Quo) Option 1 "Repeal previous GR" I think there is a legimate possible justification for a vote of 3 > 2 > FD > 1 If you feel that benefits of possible improvements to the transparency of -private are negligible, or that they are outweighed by the risk of madness on the part o