[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

GR Proposal 2: Declassification of -private

Okay, incorporating Manoj's proposed changes, and some other ideas:

On Tue, Nov 15, 2005 at 12:08:15PM +1000, Anthony Towns wrote:
> One of the issues Debian often stands for is transparency and openness
> -- indeed, the openness of our bug tracking system is codified in the
> Social Contract's statement "We will not hide problems". However, one
> particular area of significance within the project is not open at all:
> the debian-private mailing list.
> This list has hosted a number of significant discussions over the years,
> including most of the discussion inspiring the original statement
> of Debian's Social Contract and the Debian Free Software Guidelines,
> the reinvetion of the new-maintainer process, debate on the qmail to
> exim/postfix transition for Debian mail servers and more. This trend
> continues today, with the six months just past have averaged around 190
> posts per month.
> Especially given Debian is the focus of academic work (such as Biella
> Coleman's paper), and has inspired other groups to emulate our commitment
> to free software and our community (GenToo, Wikipedia, the Open Directory
> Project and OpenSolaris), we should make our discussions on issues like
> these and the reasoning behind the solutions we adopt accessible to the
> rest of humanity.
> I think the easiest way to do that is to adopt an approach similar to that
> of governments that deal with classified documents; that is by setting a
> specific time after which -private posts will be required to be considered
> for declassification (ie, publication) and redacting only those posts (or
> portions of posts) for which there's still a good reason to keep private.

Thus, I propose that the Debian project resolve that:

In accordance with principles of openness and transparency, Debian will
seek to declassify and publish posts of historical or ongoing significance
made to the Debian Private Mailing List.

This process will be undertaken under the following constraints:

  * The Debian Project Leader will delegate one or more volunteers
    to form the "debian-private declassification team".

  * The team will automatically declassify and publish posts made to
    that list that are three or more years old, with the following

    - the author and other individuals quoted in messages being reviewed
      will be contacted, and allowed between four and eight weeks
      to comment;

    - posts that reveal financial information about individuals or
      organisations other than Debian, will have that information

    - requests by the author of a post for that post not to be published
      will be honoured;

    - posts of no historical or other relevance, such as vacation
      announcements, or posts that have no content after personal
      information is removed, will not be published, unless the author
      requests they be published;

    - comments by others who would be affected by the publication of
      the post will also be taken into account by the declassification

    - the list of posts to be declassified will be made available to
      developers two weeks before publication, so that the decisions
      of the team may be overruled by the developer body by General
      Resolution, if necessary -- in the event such a resolution is
      introduced (ie, proposed and sponsored), the declassification
      and publication of messages specified by the resolution will be
      deferred until the resolution has been voted on.

> According to the interweb, classified US government documents relating
> to national security have to be released after at most ten years (unless
> there're particular reasons to extend that); the oldest mail in the
> -private archives turns ten on January 21st next year. I don't want to
> see Debian be more secretive than the US military industrial complex :)
> And beyond that, there really are a lot of good ideas stuck in the
> -private archives that it'd be nice to be able to refer to properly.

The changes since the original:

   - authors have a veto over publication (Manoj's changes)
   - people quoted in messages rather than other recipients should be
   - security problems don't get special treatment; they can be vetoed
     by the post's author though
   - specific details for overriding the team's decisions by the

Seconds so far:

   Don Armstrong (original or Manoj's changes)
   Joey Hess (original only, no comment on Manoj's changes)
   Wouter Verhelst (Manoj's changes, no comment on original)
   Bas Zoetekouw (Manoj's changes, no comment on original)
   Daniel Ruoso (original preferred over Manoj's changes)

Five's enough to second a proposal, but only if they all second the same
one :)

> Comments, suggestions and seconds appreciated.


Attachment: signature.asc
Description: Digital signature

Reply to: