Ian Jackson dijo [Thu, Sep 08, 2016 at 05:07:47PM +0100]: > (...) > So, how about something like this: > > Title: Acknowledge difficulty of declassifying debian-private > > 1. The Debian Project regrets the non-implementation of the 2005 > General Resolution titled "Declassification of debian-private list > archives". That General Resolution is hereby repealed. > > 2. In case volunteers should come forward: Permission remains for the > list archives (of any messages, whether posted before or after > this resolution) to be declassified, provided that the > declassification process is at least as respecting of the privacy > of posters to debian-private as the process set out in the 2005 > General Resolution. > > 3. Furthermore, the Debian listmasters remain empowered (subject to > the usual consultation processes within the Debian project) to > revise the rules governing the privacy and declassification of > messages to -private. This includes making measures to make > declassification more widely applicable, or easier to automate. > > 4. But, any weakening of the privacy expectations must not be > retrospective: changes should apply only to messages posted after > the rule change has come into force. > > 5. In particular, we reaffirm this rule: no part of a posting made to > -private, which explicitly states that it should not be > declassified, may be published (without its author's explicit > consent). This rule may be changed by the listmasters (para.3, > above), but only for future messages (para.4, above), and only > following consultation, and only with ample notice. > > 5. Participants are reminded to use -private only when necessary. I would agree to something like this. However, Point #2 has shown to be not implementable in practice for eight years already. I sat with Nicolas and we thought about this when he drafted his original GR, which I am attempting now to resurrect — I (we, but I'm not putting words in his mouth) want Debian to stop lying. So, as the 2005 GR *compels* us to create a declassification team that never came to light, even with the DPL's explicit call in 2010¹, I hold it's only fair to first and foremost say "we failed at that task, we are not going to pursue it". So, my reintroduced GR proposal covers your point #1. ¹ https://lists.debian.org/debian-project/2010/05/msg00105.html Points 3, 5 and 5 (☺), it's just making explicit and re-stating the status quo. Points 2 and 4 remain, so, the only contentious part here (and their expression is the reason, I believe, Nicolas' amended GR failed): They are implementation details. I'd rather leave implementation details to be discussed if they ever need to be. I agree with your #4, but it would hamper many studies that could be hypothetically carried out to the list archives. So, I'd rather think about it if need arises later on.
Description: Digital signature