Re: Proposed GR: Repeal the 2005 vote for declassification of the debian-private mailing list
On Tue, Sep 13, 2016 at 02:04:19PM +0200, Thibaut Paumard wrote:
> My understanding is that at least some of us don't want a generic
> process right now, but would be quite fine with someone trying to work
> out a process that works for a well defined subset of debian-private.
That's... an interesting point.
It is obviously okay for anyone who posted to disclose what they wrote
to -private at any point; maybe a feasible and interesting starting
point would be a service that let's people easily disclose their own
old mails to -private.
- track quoted text to previous -private mails; if they're released,
quoted text can be released too, if not it should be redacted
- check Message-Ids References and In-Reply-To headers, if
a Message-Id from another -private post that's not disclosed is
referenced, redact it
- track disclosed participants in a thread (based on From: address),
and redact names/addresses in To: Cc: Bcc: Mail-Followup-To: and
Reply-To: headers if that name/address isn't disclosed elsewhere in
the thread. Maybe headers from the initial mail to a thread are okay
to disclose, whenever the initial mail gets disclosed.
- requests for the service to disclose an email could require a signature
by a key in the current DD/DC keyring with a name or email address that
matches the "From:" field?
It'd require some moderately clever coding to get the quoted redactions
done, and I'm not sure how hard it would be to write a secure service
that handles gpg-signed requests, so maybe that's still too hard of
course. Maybe you could avoid the gpg-signed bit by just using sso.d.o
or a group-writable directory with the sticky-bit set or something.
(gpg signatures would prevent the admin of the service from being able
to untracably disclose other people's mails, or people disclosing their
own mails then claiming the admin did it without their permission though)
I think that if that was implemented, a bunch of interesting old mails
could and would get disclosed, without having to much politics to worry
(If you couldn't easily disclose your own mails while redacting quoted
text and other participants, I think there'd still be lots of complaints)
In theory, a service like that could be used by other groups (in Debian
and outside) that have private email discussions and a desire to be more
transparent. (Except for the gpg part I guess...)