Re: Doing something about "should remain private forever" emails

2013-06-21 Thread Bart Martens
On Fri, Jun 21, 2013 at 05:44:50PM +0100, Ian Jackson wrote:
> Raphael Geissert writes ("Doing something about "should remain private 
> forever" emails"):
> > So everyone knows that the declassification of -private isn't going
> > to happen any time soon.
> 
> I think the declassification GR was unwise.  The outcome is
> predictable.  I think it would be best to explicitly revert it.
> The kind of fine-grained tagging and control envisaged by the GR is
> far too much work.

I suggest to simplify things.  For example, delete all messages sent to
debian-private automatically after 365 days.  Then we have some kind of
guarantee that after 365 days the messages remain private forever.  Any DD
wishing to keep the messages for a longer time, can still copy them from the
Debian server to their own private system.  (Even that can be automated, so no
manual work for anyone.)  I've read some rather private things on
debian-private without any clause "should remain private forever", so I prefer
to keep the messages private by default.

> But as a practical matter, I think that the bigger problem is that we
> are sometimes discussing things on -private which ought to be in
> public.

I don't see this as a big problem at all.  The person starting a thread on
debian-private usually had good reasons to do that.  It's when the thread
becomes big with the discussed topic shifting away from the original topic,
people don't always realize they are still posting to debian-private.  The
silliest thing to do at that point is complain about "this should be in
public".  Anyone can simply start a new thread on a public mailing list without
complaining.  The traffic on debian-private is also not a problem for me.  I
subscribed to debian-private for a long time now, and it's not difficult for me
to skip threads I'm not interested in.  Messages sent to the wrong lists
happen all the time, also on the public mailing lists.  Let's accept some
noise, while allowing anyone to choose where they post their messages.  There's
sufficient social control encouraging people to use the better list.

Regards,

Bart Martens


-- 
To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130621181540.ga18...@master.debian.org



Re: Doing something about "should remain private forever" emails

2013-06-21 Thread Raphael Geissert
On 21 June 2013 10:00, Gerfried Fuchs  wrote:
>  Effectively preventing people from having a complete archive to
> potentially see the context of some replies to threads that might get
> declassified but with some messages stripped?

In the hypothetical case the declassification ever happens: yes.

A message would first need to be out of the "keep private forever"
context for it to be declassified, in which case it's probably of no
use having the original message.

Note that there would be three kinds of messages: "to be buried",
"unknown", "can be declassified". The proposal is only about the first
kind and makes no distinction between the two others.

Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net





Re: Doing something about "should remain private forever" emails

2013-06-21 Thread Ian Jackson
Raphael Geissert writes ("Doing something about "should remain private forever" 
emails"):
> So everyone knows that the declassification of -private isn't going
> to happen any time soon.

I think the declassification GR was unwise.  The outcome is
predictable.  I think it would be best to explicitly revert it.
The kind of fine-grained tagging and control envisaged by the GR is
far too much work.

But as a practical matter, I think that the bigger problem is that we
are sometimes discussing things on -private which ought to be in
public.  We have no effective mechanism for ensuring that threads are
moved.  And it's just far too easy for individual developers to do the
easy thing and perpetuate the problem.

I have a proposal, which may be unpopular, to help with that.

The listmasters would appoint some group of people whose job it would
be to determine when a discussion no longer justifies being on
-private.

These "transparency wardens" would, in such cases, do two things.
Firstly they would post an announcement (probably to -private, as it
may have to say "things about XYZ are still OK here").  Secondly they
would specify to the list software particular messages that they deem
should have been on a public list; the list software would then reject
all followups to those messages (by looking at References and
In-Reply-To) sent to -private.  Posters would get a bounce with a
canned message inviting them to redact the quotes as necessary and
repost elsewhere.

That way, at the very least, we won't be carrying on conversations on
-private that should be in public.

In the spirit of volunteering to do the work that my proposal
requires, I'm volunteering to make needed changes to the list software
and/or to be one of these wardens (if I'm wanted, of course).

Ian.
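
The header check proposed in the message above, as an added example (not part of the original message and not code from any real list manager; `WardenFilter`, `sample_mail` and the example.org Message-IDs are hypothetical). It also covers replies that carry only In-Reply-To to a followup accepted before the warden acted, by remembering each accepted message's ancestors.

```python
import re
from email import message_from_string

MSGID = re.compile(r"<[^<>\s]+>")
BOUNCE = ("A transparency warden has moved this discussion off -private. "
          "Please redact the quotes as necessary and repost elsewhere.")


class WardenFilter:
    """Hypothetical list-side hook; not code from any real list manager."""

    def __init__(self):
        self.closed = set()     # Message-IDs the wardens deemed public-worthy
        self.ancestors = {}     # accepted Message-ID -> every known ancestor

    def close(self, message_id):
        """Warden action: followups to this message are no longer accepted."""
        self.closed.add(message_id)

    def _thread_ids(self, msg):
        """IDs named in References/In-Reply-To plus their recorded ancestors."""
        direct = set()
        for header in ("References", "In-Reply-To"):
            for value in msg.get_all(header, []):
                direct.update(MSGID.findall(value))
        full = set(direct)
        for parent in direct:
            full |= self.ancestors.get(parent, set())
        return full

    def check(self, raw):
        """Return (accepted, bounce_text) for one incoming raw message."""
        msg = message_from_string(raw)
        thread = self._thread_ids(msg)
        if thread & self.closed:
            return False, BOUNCE
        own = MSGID.search(msg.get("Message-ID", ""))
        if own:
            self.ancestors[own.group()] = thread
        return True, ""


def sample_mail(msgid, references="", in_reply_to=""):
    """Build a constructed test message (the example.org IDs are made up)."""
    headers = [f"Message-ID: {msgid}", "To: private-list@example.org"]
    if references:
        headers.append(f"References: {references}")
    if in_reply_to:
        headers.append(f"In-Reply-To: {in_reply_to}")
    return "\n".join(headers) + "\n\nbody\n"


if __name__ == "__main__":
    f = WardenFilter()
    f.check(sample_mail("<a@example.org>"))
    f.check(sample_mail("<b@example.org>", in_reply_to="<a@example.org>"))
    f.close("<a@example.org>")
    # Reply to <b> that never mentions <a>: still caught via stored ancestry.
    print(f.check(sample_mail("<c@example.org>", in_reply_to="<b@example.org>")))
    # Unrelated new thread on the list: accepted.
    print(f.check(sample_mail("<d@example.org>")))
```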





Re: Doing something about "should remain private forever" emails

2013-06-21 Thread Gerfried Fuchs
* Raphael Geissert  [2013-06-18 22:49:55 CEST]:
> So, "the opposite" of declassifying: instead of finding out what can be 
> declassified, remove all "should remain private forever", VAC, and similar 
> messages from the archive and put them in a tarball which is later encrypted 
> by a key that is to be split using SSS. Effectively preventing people from 
> accessing those messages unless really necessary (to the extent that the 
> cooperation from people who have a part of the shared secret is needed).

 Effectively preventing people from having a complete archive to
potentially see the context of some replies to threads that might get
declassified but with some messages stripped?  I don't fancy that idea,
to be honest.

 So long,
Rhonda
-- 
If you feel discouraged, take courage at last, go       |
If you feel helpless, get out and help, go              | Wir sind Helden
If you feel powerless, get out and do something, go     | 23.55: Alles auf Anfang
If you feel unsteady, find a hold and let go            |





Re: Doing something about "should remain private forever" emails

2013-06-20 Thread Charles Plessy
On Wed, Jun 19, 2013 at 07:35:26PM +0200, Raphael Geissert wrote:
> 
> I believe sgran's question was intended for Charles' proposal that is
> basically more time consuming than declassifying.

Actually, I do not understand the question, because only the listmasters can
create new mailing lists and this is the essence of my proposal.

The list for vacation, weddings etc. would not be archived, which results in
zero work for declassification.  The high-traffic list would stay in the same
state as it is, this is also no extra work.  For the "announce" list, I
think that the best person to work on the declassification would be the
posters themselves, proactively by ensuring that what they send is declassifiable
by default three years later.

For the public summary, maybe it was not a good idea after all.

Cheers,

-- 
Charles Plessy
Tsurumi, Kanagawa, Japan





Re: Doing something about "should remain private forever" emails

2013-06-19 Thread Bernhard R. Link
* Russell Coker  [130619 05:53]:
> If the messages which are clearly listed as never to be public are removed 
> from the main archive then surely the task of declassifying the rest will be 
> a lot easier.  So therefore it might even happen.  :-#

How does the task get easier with less information? It's much easier to
decide which mail includes parts from "to be kept private forever" mails
as long as one still has all of them to be sure.

Bernhard R. Link





Re: Doing something about "should remain private forever" emails

2013-06-19 Thread Raphael Geissert
Neil McGovern wrote:

> On Wed, Jun 19, 2013 at 07:35:26PM +0200, Raphael Geissert wrote:
>> If people start asking for the non-disclosure of their messages in
>> other languages or any other way that prevents an automated process
>> then it is their problem. They would be fighting against their own
>> desire.
>> 
> 
> It's really not - the onus is on the person doing the declassification.

I believe you have misunderstood that I was talking about the opposite: 
burying the posts that can not be declassified.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net






Re: Doing something about "should remain private forever" emails

2013-06-19 Thread Raphael Geissert
Hi,

On 19 June 2013 00:41, Gunnar Wolf  wrote:
> Mohammed Adnène Trojette wrote [Wed, Jun 19, 2013 at 12:02:39AM +0200]:
>> [I don't read d-projet]

CC'ing you, but dropping -private.

>> The spirit of the GR was to open more (even before OpenData became
>> trendy, cf. today's G8's declaration). I fear that your proposal will
>> ease the opposite.
>
> Right. And let me think a bit further: I think that, given the GR,
> your proposal goes directly against it (further closing down access to
> something that should be open, although nobody has taken any steps to
> make it so).

My proposal doesn't change anything in that regard. It is only a way
to achieve what people have been requesting for years when posting to
-private.

Many people already say that their posts should remain private every
single time they post to -private. A quick search with some keywords
indicates that there are about 15 threads that should remain private
every year, without counting VAC messages.

Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net





Re: Doing something about "should remain private forever" emails

2013-06-19 Thread Neil McGovern
On Wed, Jun 19, 2013 at 07:35:26PM +0200, Raphael Geissert wrote:
> If people start asking for the non-disclosure of their messages in
> other languages or any other way that prevents an automated process
> then it is their problem. They would be fighting against their own
> desire.
> 

It's really not - the onus is on the person doing the declassification.
Efforts to reduce this are welcome, but false positives (for
declassification) must be reduced as much as possible, and this is only
possible via manual processing.
Hence the reason why the GR has never been enacted[0].

Additionally, changing the rules in this way from what was agreed the
norms at the time is the very reason I seconded the amendment to that
vote.

Neil

[0] And also the reason I dislike any votes which require a future
theoretical person to do a large amount of work.


Re: Doing something about "should remain private forever" emails

2013-06-19 Thread Raphael Geissert
[Dropping -private, just like I originally wanted by setting a
reply-to -project]

On 19 June 2013 08:24, Jonathan Nieder  wrote:
> Stephen Gran wrote:
>> So, who's going to do this work?  While they're reading every single
>> message sent to the list over the last decade and a half, wouldn't it
>> make more sense to just honor the GR than to make up more work that
>> nobody is ever going to do?
>
> I think Raphael was suggesting incremental work that could be done
> before that's done, unlike the daunting declassification work that
> requires being very careful to check and double-check for each message
> that it is not intended to be private forever.

I believe sgran's question was intended for Charles' proposal that is
basically more time consuming than declassifying.

And yes, the benefit of my proposal is that everything that can be
automatically detected as not to be made public (following the
guidelines of the GR, if you wish) can be buried without hesitation.
If people start asking for the non-disclosure of their messages in
other languages or any other way that prevents an automated process
then it is their problem. They would be fighting against their own
desire.

Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net





Re: Doing something about "should remain private forever" emails

2013-06-19 Thread Andreas Tille
On Wed, Jun 19, 2013 at 07:11:26AM +0100, Stephen Gran wrote:
> So, who's going to do this work?  While they're reading every single
> message sent to the list over the last decade and a half, wouldn't it
> make more sense to just honor the GR than to make up more work that
> nobody is ever going to do?  This was precisely the problem with the GR
> in the first place - it was a "somebody should really do that"
> statement, and Debian has never worked that way.

+1
(even if there exist several "+1" about the GR in previous threads)

Could everybody who adds another suggestion please start the mail
with "I'm volunteering to spend x hours to implement the following ..."

Kind regards

Andreas.

-- 
http://fam-tille.de





Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Jonathan Nieder
Stephen Gran wrote:

> So, who's going to do this work?  While they're reading every single
> message sent to the list over the last decade and a half, wouldn't it
> make more sense to just honor the GR than to make up more work that
> nobody is ever going to do?

I think Raphael was suggesting incremental work that could be done
before that's done, unlike the daunting declassification work that
requires being very careful to check and double-check for each message
that it is not intended to be private forever.  I like the idea, if
someone wants to do the work, and I don't think it would require a GR.

Thanks,
Jonathan





Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Stephen Gran
This one time, at band camp, Charles Plessy said:
> On Tue, Jun 18, 2013 at 10:49:55PM +0200, Raphael Geissert wrote:
> > 
> > At present, new DDs can access emails that were sent to -private years ago. 
> > People who might (or might not) be a member of the project and sent an email 
> > may not necessarily agree to that. Or a less controversial example: put 
> > simply, if an unauthorised person gets a hand on master.d.o there is no hope 
> > for those messages.
> 
> Hi Raphael and everybody,
> 
> couldn't we first have a split of the list into:

So, who's going to do this work?  While they're reading every single
message sent to the list over the last decade and a half, wouldn't it
make more sense to just honor the GR than to make up more work that
nobody is ever going to do?  This was precisely the problem with the GR
in the first place - it was a "somebody should really do that"
statement, and Debian has never worked that way.

Just sayin'

Cheers,
-- 
 ,''`.  Stephen Gran
: :' :  sg...@debian.org
`. `'   Debian user, admin, and developer
  `-    http://www.debian.org




Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Russell Coker
On Wed, 19 Jun 2013, Mohammed Adnène Trojette  wrote:
> On Tue, Jun 18, 2013, Raphael Geissert wrote:
> > Comments?
> 
> The spirit of the GR was to open more (even before OpenData became
> trendy, cf. today's G8's declaration). I fear that your proposal will
> ease the opposite.

If the messages which are clearly listed as never to be public are removed 
from the main archive then surely the task of declassifying the rest will be a 
lot easier.  So therefore it might even happen.  :-#

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/





Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Charles Plessy
On Tue, Jun 18, 2013 at 10:49:55PM +0200, Raphael Geissert wrote:
> 
> At present, new DDs can access emails that were sent to -private years ago. 
> People who might (or might not) be a member of the project and sent an email 
> may not necessarily agree to that. Or a less controversial example: put 
> simply, if an unauthorised person gets a hand on master.d.o there is no hope 
> for those messages.

Hi Raphael and everybody,

couldn't we first have a split of the list into:

 - one "people" list for messages related to people's private life.  For this
   list, the most easy way to solve the problem of declassification would
   be to not archive it.

 - one "project" for messages related to Debian but that the senders
   believe should not be shared with non-members.

For the "project" list related to Debian, as a first step of declassification,
we should regularly inform the public of what was discussed.

This could be aided by a third list, similar to debian-devel-announce, where
people who start a thread can inform others about issues and timelines.  The
messages should then be written with declassification in mind.

For instance, I see two monster threads in the archives of May, which make me very
happy that I am not subscribed.  It is our culture that our discussions give
more space to the DDs who have enough free time to read and write dozens of
emails per day.  Luckily, the end result in terms of decisions is not too bad.
But still, I would be happy if there were an easy way to know what is going on,
and that does not require reading or deleting hundreds of emails.

If we reach that level of transparency, then the declassification of each
message becomes less important, as it becomes about who thinks what, and not
about what the project decided and was not made public.

(PS: feel free to paste the proposal in the wiki if you like it).

Have a nice day,

-- 
Charles Plessy
Tsurumi, Kanagawa, Japan





Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Gunnar Wolf
Mohammed Adnène Trojette wrote [Wed, Jun 19, 2013 at 12:02:39AM +0200]:
> [I don't read d-projet]
> 
> On Tue, Jun 18, 2013, Raphael Geissert wrote:
> > Comments?
> 
> The spirit of the GR was to open more (even before OpenData became
> trendy, cf. today's G8's declaration). I fear that your proposal will
> ease the opposite.

Right. And let me think a bit further: I think that, given the GR,
your proposal goes directly against it (further closing down access to
something that should be open, although nobody has taken any steps to
make it so).

I *think* (but have no real knowledge to say this) that, were you to
implement this idea, it would have first to undergo a GR allowing to
further close down all history.

But yes, given the extremely deficient way in which this GR was
implemented (which is to say, it was never implemented), maybe a GR
reverting it would not be out of place.





Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Mohammed Adnène Trojette
[I don't read d-projet]

On Tue, Jun 18, 2013, Raphael Geissert wrote:
> Comments?

The spirit of the GR was to open more (even before OpenData became
trendy, cf. today's G8's declaration). I fear that your proposal will
ease the opposite.

-- 
Adnène





Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Raphael Geissert
Paul Tagliamonte wrote:
> So, to get mail from 2 years ago, you have to decompress every tarball
> between now and then?

s/decompress/decrypt/ yes, that's the idea. Possibly having the secrets 
shared between different people every time.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net






Re: Doing something about "should remain private forever" emails

2013-06-18 Thread Paul Tagliamonte
On Tue, Jun 18, 2013 at 10:49:55PM +0200, Raphael Geissert wrote:
> At present, new DDs can access emails that were sent to -private years ago. 

I've read such emails, just to get an idea of what's been sent, to
figure out what the heck private is for, really (when I was a green DD).
I mean, I don't really see a problem with that, if we trust them to be
on private, we should trust them to respect that, regardless of when the
mail was sent.

> People who might (or might not) be a member of the project and sent an email 
> may not necessarily agree to that. Or a less controversial example: put 
> simply, if an unauthorised person gets a hand on master.d.o there is no hope 
> for those messages.
> 

[..]

> previous one, so that only one tarball exists in master.d.o. Access to old 

So, to get mail from 2 years ago, you have to decompress every tarball
between now and then?

> Comments?

Interesting idea!
  Paul

-- 
 .''`.  Paul Tagliamonte 
: :'  : Proud Debian Developer
`. `'`  4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
 `- http://people.debian.org/~paultag




Doing something about "should remain private forever" emails

2013-06-18 Thread Raphael Geissert
Hi,

So everyone knows that the declassification of -private isn't going to happen 
any time soon. Why not do the opposite? There is probably more interest in 
that and would be "easier" to implement.

At present, new DDs can access emails that were sent to -private years ago. 
People who might (or might not) be a member of the project and sent an email 
may not necessarily agree to that. Or a less controversial example: put 
simply, if an unauthorised person gets a hand on master.d.o there is no hope 
for those messages.

So, "the opposite" of declassifying: instead of finding out what can be 
declassified, remove all "should remain private forever", VAC, and similar 
messages from the archive and put them in a tarball which is later encrypted 
by a key that is to be split using SSS. Effectively preventing people from 
accessing those messages unless really necessary (to the extent that the 
cooperation from people who have a part of the shared secret is needed).

Let's call this "d-private burial".

The process could be done for all messages older than d days (365, for 
example) every m months (12, for example) and new tarballs could include the 
previous one, so that only one tarball exists in master.d.o. Access to old 
tarballs would then require those who have parts of the keys to the new ones 
and those with parts of the keys of the old ones - or cracking the 
encryption, whatever happens first.

Comments?

From a bag of random, years-old, thoughts,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
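
The "d-private burial" scheme from the message above, as an added example (not part of the original post and not any Debian tooling): a key split with Shamir's secret sharing (SSS), and each new burial wrapping the previous one so that old messages need both quorums. The function names, the 2-of-3 quorum and the sample messages are assumptions, and the SHA-256 keystream is a stand-in for a real authenticated cipher.

```python
import hashlib
import secrets

PRIME = 2**521 - 1  # Mersenne prime, larger than any 256-bit key


def split_secret(secret, threshold, holders):
    """Shamir split: any `threshold` of the `holders` shares recover `secret`."""
    if not 1 < threshold <= holders or not 0 <= secret < PRIME:
        raise ValueError("bad parameters")
    # Random polynomial of degree threshold-1 with the secret as constant term.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, holders + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_secret(shares):
    """Lagrange interpolation at x = 0 over the shares supplied."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def _xor_stream(key, data):
    """Stand-in cipher (SHA-256 counter keystream); use an AEAD in practice."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


def bury(messages, previous_burial, threshold, holders):
    """Encrypt this period's messages together with the previous burial."""
    key = secrets.token_bytes(32)
    body = len(previous_burial).to_bytes(8, "big") + previous_burial + messages
    tag = hashlib.sha256(b"check" + key).digest()  # lets exhume spot a wrong key
    shares = split_secret(int.from_bytes(key, "big"), threshold, holders)
    return tag + _xor_stream(key, body), shares


def exhume(burial, shares):
    """Return (previous_burial, messages); raise if the shares are insufficient."""
    value = recover_secret(shares)
    key = value.to_bytes(32, "big") if value < 2**256 else b""
    if hashlib.sha256(b"check" + key).digest() != burial[:32]:
        raise ValueError("shares do not reconstruct the burial key")
    body = _xor_stream(key, burial[32:])
    cut = 8 + int.from_bytes(body[:8], "big")
    return body[8:cut], body[cut:]


if __name__ == "__main__":
    # Constructed sample data: two yearly runs, 2-of-3 quorum each time.
    old, old_shares = bury(b"VAC: away in July\n", b"", 2, 3)
    new, new_shares = bury(b"Subject: keep private forever\n", old, 2, 3)
    inner, this_year = exhume(new, new_shares[:2])      # needs the new holders
    _, last_year = exhume(inner, old_shares[1:])        # and then the old ones
    print(this_year, last_year)
```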

