Re: PTS subscription exposure
* Raphael Hertzog <firstname.lastname@example.org> [2010-03-02 11:27:25 CET]:
> On Tue, 02 Mar 2010, Gerfried Fuchs wrote:
> > This is IMNSHO a serious violation and breach of privacy. It doesn't
> IMO it's not. The PTS is like launchpad but for Debian and there you can
> see who is subscribed to each package and to each bug:
> See "bug subscriptions" and "subscribers" box on the right.
Just because others do expose that informations by default doesn't mean
it is a good thing nor that Debian has to go that path nor that it is
alright to change that _afterwards_, after it has been established for a
long time already the way it is, without any mentioning or discussion
> Lucas had my blessing as PTS maintainer to expose hashed versions of the
That doesn't make it any better, rather the contrary: That just means
that you also don't care for the privacy of the data that you received
from your users.
> It has been discussed with the PTS maintainers and I decided it was OK for
> him to do that. My main concern was not exposing email to protect from
They are still indirectly exposed because like Lucas confirmed himself,
that's the easy part.
> We're working in an open manner, I fail to see what you fear by letting
> people know on what you are subscribed or not.
Alright, let's also expose list subscriptions along the same reasoning.
Again, this is not your job to judge which lists I would be interested
> Quite on the contrary I find it valuable information for MIA-tracking,
> for finding possible co-maintainers, etc.
MIA-tracking is done in the same privacy area that the original PTS
data was born in, and that on intention. I fail to see at all how that
new interface with opening that information to the public makes that any