Re: private email aliases considered harmful (Re: bits from the DPL for September 2011)

2011-11-19 Thread Stefano Zacchiroli 
On Tue, Nov 08, 2011 at 01:13:46PM -0500, Filipus Klutiero wrote:
 I believe the first thing to do is to make project leadership
 transparent. For as long as the constitution will give it such a
 crucial role, and as long as it will be so low on resources compared
 to the project's size, the team has high risks of seeing its
 performance degrade to sub-optimal levels. It often got minimal (if
 not worst) for fairly damaging durations.

I'm not sure of I should interpret project leadership here and in the
rest of your mail. In some parts it seems to refer to the DPL, in some
others it seems to be more broad.  Under the assumption that you
actually meant the DPL, I feel obliged to comment on this.


There are different kinds of transparency. For the DPL, a democratically
elected role, IMO the most important kind of transparency is
accountability towards Project members --- as it is them who get to vote
in DPL elections, and it is them who are represented by the DPL.  I've
worked quite a bit on that front, by daily documenting since the
beginning of my first term what I've been doing with my DPL hat on. The
corresponding daily logs are, however, accessible only to project
members.  I've discussed the reasons of this choice not a long ago in
reply to a follow-up by Paul Wise to a bits from DPL mail. It can
easily by found on -devel archives.

The second kind of transparency descends from the general commitment to
openness of the Debian Project. I've tried to fulfill that kind of
transparency with monthly bits from DPL mails (see wiki.d.o/Teams/DPL
for an index), that are essentially summarized versions of the daily
logs for the corresponding reporting period.  My implicit assumption in
all the above has always been that people should be able to understand
the DPL team has a problem (e.g. has gone MIA, burned out, whatever)
as soon as he/she stops reporting.


As long as the DPL remains a single-seat position, it's not clear to me
what more can be done to play that role more transparently.  We could do
better if, for instance, we had a board of DPL helpers that shares the
corresponding TODO list. Such a board + the DPL could hold periodic
public meetings on IRC to discuss the status quo of the open tasks and
also spare some time for interaction with attendees for questions and
the like. That is the sole arrangement I can imagine that would have
chances to increase the transparency of DPL-related activities even
further.  (Bonus point: people on the board will get some de facto
training in DPL tasks and could, if they want to, apply in subsequent
elections with more awareness of the task than DPL candidates usually
have.)

To get there, however, the raw material needed are volunteers to help
with DPL tasks. Having thought about the above since quite a while, I've
repeatedly called for volunteers to work on DPL-related tasks.
Unfortunately, with little success so far ... but I haven't given up
hope yet (hint hint :-)).


Cheers.
-- 
Stefano Zacchiroli zack@{upsilon.cc,pps.jussieu.fr,debian.org} . o .
Maître de conférences   ..   http://upsilon.cc/zack   ..   . . o
Debian Project Leader...   @zack on identi.ca   ...o o o
« the first rule of tautology club is the first rule of tautology club »


signature.asc
Description: Digital signature

private email aliases considered harmful (Re: bits from the DPL for September 2011)

2011-11-08 Thread Filipus Klutiero 

Le 2011-10-09 09:48, Stefano Zacchiroli a écrit :

[...]

- I've made the private email aliases considered harmful point [10],
   in a somehow unrelated thread. I ask you to watch out for interactions
   in Debian that could happen only through private email addresses.
   There are some cases where they are warranted (e.g. security or
   privacy concerns), but having regular activities of a team going
   through private email aliases harms us in so many ways.


Thank you Stefano. I agree, transparency in communications is very 
powerful, we should try hard to be as transparent as possible. One of 
the primary points which attracted me to Debian was its transparency, 
which was mostly achieved through the issue tracking system. I am very 
dissatisfied to see that years after I switched, some of our critical 
contact points are still using private email aliases (rather than the 
BTS, public mailing lists, or something else).

  Please point
   me to project areas that could benefit from improvements on this
   front, ... unless you can just go ahead and fix the issue!


I had several problems with the BTS a few years ago. The main contact 
point for the BTS being a private email alias, it took me a very long 
time to realize that the team had chronic issues. And, when I realized 
it, it took me a very long time to investigate these.


Of course, one of the first resources to contact when teams break should 
be project leadership. Project leadership has been conducting a survey 
of teams, hoping to detect problems just like the BTS team's. 
Preliminary results were published in June 2008, but I haven't heard 
about the survey since. I asked lea...@debian.org for an update on the 
teams survey in March 2010, but am still waiting for an answer. Project 
leadership also has the black box issue, apparently even more than the 
BTS team.


In fact, I waited to hear from private email aliases for years. When 
time came to go further, I no longer had the free time and motivation to 
tackle sizable issues like team breakage. Meaning the problem with the 
BTS team probably persists, and is probably affecting other people. I 
can only hope some will be less patient than I was towards private email 
aliases.


I believe the first thing to do is to make project leadership 
transparent. For as long as the constitution will give it such a crucial 
role, and as long as it will be so low on resources compared to the 
project's size, the team has high risks of seeing its performance 
degrade to sub-optimal levels. It often got minimal (if not worst) for 
fairly damaging durations. On one hand, using a private email alias is 
less problematic for teams with a clearly identified leader, as it's 
easier to see when such teams break. On the other hand, teams with few 
people are more fragile, and overloaded teams are also more fragile. If 
it takes say a year to investigate a black box, that means with yearly 
elections we could be investigating the team full time.
The fact that private email aliases make it so hard to even detect team 
breakage is the most important problem for me.



Even though the project is mostly transparent, there is a surprising 
number of private email aliases still in use. And it's not too hard to 
find some, if you just look at http://www.debian.org/intro/organization 
and search for @debian.org. Several teams which are regularly 
discussed do match that pattern.


DSA appears to be a more complicated case: http://wiki.debian.org/Teams/DSA
Of the 3 contact methods:

   * debian-ad...@debian.org mailto:debian-ad...@debian.org is
 clearly private
   * debian-ad...@lists.debian.org mailto:debian-ad...@debian.org
 (the contact address on the organization page) appears to be for
 non-confidential purposes, but the list seems to be private
   * The team also has a request tracker, which the documentation (
 http://wiki.debian.org/Teams/DSA/RTUsage ) suggests is public, but
 it also appears to be private


listmaster, which uses the address listmas...@lists.debian.org, is a 
misleading case. That address doesn't actually correspond to a mailing list.



So lots of opportunities for improvement. Some teams simply have a 
composition that refuses accountability. Others, like project 
leadership, should be fairly easy to make [more] transparent. Some teams 
deal with confidential information and shouldn't simply get public. Such 
teams could use having different contact points (like DSA appears to 
intend to have) depending on the topic. For some of these, only a 
minority of activities are sensitive.
It would be great if our issue tracking system would support 
confidentiality, but let's not wait for that to happen. Teams 
exclusively using a private email alias which do not refuse 
accountability should choose between a public mailing list and an issue 
tracker and, depending on their activities, implement it as either their 
new single contact method, their preferred contact method or as

Re: private email aliases considered harmful (Re: bits from the DPL for September 2011)

2011-11-08 Thread Don Armstrong 
On Tue, 08 Nov 2011, Filipus Klutiero wrote:
 I had several problems with the BTS a few years ago. The main
 contact point for the BTS being a private email alias,

Just as a side note, anyone who can log into a Debian machine and who
actually wants to read the mail to ow...@bugs.debian.org can do so by
logging into busoni.debian.org, and reading
/srv/bugs.debian.org/mail/owner/owner*. We have archives of all mail
since some time in 2002 there.


Don Armstrong

-- 
[T]he question of whether Machines Can Think, [...] is about as
relevant as the question of whether Submarines Can Swim.
 -- Edsger W. Dijkstra The threats to computing science

http://www.donarmstrong.com  http://rzlab.ucr.edu


-- 
To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/2008183417.gn19...@rzlab.ucr.edu