[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PTS subscription exposure


* Raphael Hertzog <hertzog@debian.org> [2010-03-02 11:27:25 CET]:
> On Tue, 02 Mar 2010, Gerfried Fuchs wrote:
> >  This is IMNSHO a serious violation and breach of privacy. It doesn't
> IMO it's not. The PTS is like launchpad but for Debian and there you can
> see who is subscribed to each package and to each bug:
> https://launchpad.net/ubuntu/+source/dpkg
> https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/262451
> See "bug subscriptions" and "subscribers" box on the right.

 Just because others do expose that informations by default doesn't mean
it is a good thing nor that Debian has to go that path nor that it is
alright to change that _afterwards_, after it has been established for a
long time already the way it is, without any mentioning or discussion

> Lucas had my blessing as PTS maintainer to expose hashed versions of the
> emails.

 That doesn't make it any better, rather the contrary: That just means
that you also don't care for the privacy of the data that you received
from your users.

> It has been discussed with the PTS maintainers and I decided it was OK for
> him to do that. My main concern was not exposing email to protect from
> spam.

 They are still indirectly exposed because like Lucas confirmed himself,
that's the easy part.

> We're working in an open manner, I fail to see what you fear by letting
> people know on what you are subscribed or not.

 Alright, let's also expose list subscriptions along the same reasoning.
Again, this is not your job to judge which lists I would be interested

> Quite on the contrary I find it valuable information for MIA-tracking,
> for finding possible co-maintainers, etc.

 MIA-tracking is done in the same privacy area that the original PTS
data was born in, and that on intention. I fail to see at all how that
new interface with opening that information to the public makes that any


Reply to: