[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GR Proposal 2: Declassification of -private

Hash: SHA1

Anthony Towns <aj@azure.humbug.org.au> writes:

> Okay, incorporating Manoj's proposed changes, and some other ideas:
> On Tue, Nov 15, 2005 at 12:08:15PM +1000, Anthony Towns wrote:
>> One of the issues Debian often stands for is transparency and openness
>> -- indeed, the openness of our bug tracking system is codified in the
>> Social Contract's statement "We will not hide problems". However, one
>> particular area of significance within the project is not open at all:
>> the debian-private mailing list.
>> This list has hosted a number of significant discussions over the years,
>> including most of the discussion inspiring the original statement
>> of Debian's Social Contract and the Debian Free Software Guidelines,
>> the reinvetion of the new-maintainer process, debate on the qmail to
>> exim/postfix transition for Debian mail servers and more. This trend
>> continues today, with the six months just past have averaged around 190
>> posts per month.
>> Especially given Debian is the focus of academic work (such as Biella
>> Coleman's paper), and has inspired other groups to emulate our commitment
>> to free software and our community (GenToo, Wikipedia, the Open Directory
>> Project and OpenSolaris), we should make our discussions on issues like
>> these and the reasoning behind the solutions we adopt accessible to the
>> rest of humanity.
>> I think the easiest way to do that is to adopt an approach similar to that
>> of governments that deal with classified documents; that is by setting a
>> specific time after which -private posts will be required to be considered
>> for declassification (ie, publication) and redacting only those posts (or
>> portions of posts) for which there's still a good reason to keep private.
> Thus, I propose that the Debian project resolve that:
> ---
> In accordance with principles of openness and transparency, Debian will
> seek to declassify and publish posts of historical or ongoing significance
> made to the Debian Private Mailing List.
> This process will be undertaken under the following constraints:
>   * The Debian Project Leader will delegate one or more volunteers
>     to form the "debian-private declassification team".
>   * The team will automatically declassify and publish posts made to
>     that list that are three or more years old, with the following
>     exceptions:
>     - the author and other individuals quoted in messages being reviewed
>       will be contacted, and allowed between four and eight weeks
>       to comment;
>     - posts that reveal financial information about individuals or
>       organisations other than Debian, will have that information
>       removed;
>     - requests by the author of a post for that post not to be published
>       will be honoured;
>     - posts of no historical or other relevance, such as vacation
>       announcements, or posts that have no content after personal
>       information is removed, will not be published, unless the author
>       requests they be published;
>     - comments by others who would be affected by the publication of
>       the post will also be taken into account by the declassification
>       team;
>     - the list of posts to be declassified will be made available to
>       developers two weeks before publication, so that the decisions
>       of the team may be overruled by the developer body by General
>       Resolution, if necessary -- in the event such a resolution is
>       introduced (ie, proposed and sponsored), the declassification
>       and publication of messages specified by the resolution will be
>       deferred until the resolution has been voted on.
> ---
>> According to the interweb, classified US government documents relating
>> to national security have to be released after at most ten years (unless
>> there're particular reasons to extend that); the oldest mail in the
>> -private archives turns ten on January 21st next year. I don't want to
>> see Debian be more secretive than the US military industrial complex :)
>> And beyond that, there really are a lot of good ideas stuck in the
>> -private archives that it'd be nice to be able to refer to properly.
> The changes since the original:
>    - authors have a veto over publication (Manoj's changes)
>    - people quoted in messages rather than other recipients should be
>      contacted
>    - security problems don't get special treatment; they can be vetoed
>      by the post's author though
>    - specific details for overriding the team's decisions by the
>      developers
> Seconds so far:
>    Don Armstrong (original or Manoj's changes)
>    Joey Hess (original only, no comment on Manoj's changes)
>    Wouter Verhelst (Manoj's changes, no comment on original)
>    Bas Zoetekouw (Manoj's changes, no comment on original)
>    Daniel Ruoso (original preferred over Manoj's changes)
> Five's enough to second a proposal, but only if they all second the same
> one :)
>> Comments, suggestions and seconds appreciated.
> Cheers,
> aj

I second this proposal.

- -- 
* Sufficiently advanced magic is indistinguishable from technology (T.P)  *
*           PGP public key available @ http://www.iki.fi/killer           *
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>


Reply to: