On Fri, Feb 23, 2007 at 12:16:52PM -0300, Gustavo Franco wrote: > That's up to the person behind the *my* you wrote, disclose $ADDRESS > and $NUMBER. The same can't be said about our email address, so what's > the point really? I don't think the DSA members will want to disclose > this kind of information and if somebody does, they won't be forced to > do so. Let me rewrite what would happen IRL, IMHO: > "Please send the machine to my home address - I'll drive out to the DC > and put the machine on-line ASAP. Give the sipping company my phone > number. I'll send you *my personal details* privately." You are assuming that the person sending the e-mail is aware that the information they are sending is going to end up publically visible. With a lot of tracking systems this may not be the case. In the particular case of RT the work flow appears to involve generating e-mails to which anyone can reply, with replies causing information to be added to the ticket. This means that it's easy for someone to put information in there without ever realising that there's a public archive. > I still disagree with a private tracking system for DSA. Almost all > the information isn't sensible and can be there, the details can be > passed privately and it's up to the message submitter and nobody else. > It isn't like a person out of DSA can disclose sensible information > that will put DSA stuff at risk. I do agree that we should make an effort to make information available but we need to be aware of the problems that could arise and take steps to mitigate them. The case with keyring-maint is even worse for this since people might decide to do things like send scans of ID documents. -- "You grabbed my hand and we fell into it, like a daydream - or a fever."
Description: Digital signature