Le jeudi 03 septembre 2009 à 16:33 +0200, Lucas Nussbaum a écrit : > On 03/09/09 at 15:25 +0200, Olivier Berger wrote: > > Le jeudi 03 septembre 2009 à 14:29 +0200, Lucas Nussbaum a écrit : > > > On 28/07/09 at 20:13 +0200, Olivier Berger wrote: > > > > Only small minor additions to the postgres DB are necessary to make > > > > triplify work : a sha1 function and a table to match emails to their > > > > sha1 mailto: hashes. > > > > > > I'm not sure I understand how you plan to use this. If we have a table > > > with all the sha1 hashes for email addresses in UDD, it will be > > > straightforward to get the email address for a particular sha1. > > > > IIRC, what we want to do is to use the SHA1(mailto:em...@domain.com) > > results as components of the Semantic Web resources URIs to easily find > > person's related facts, with a URI compatible syntax, and both some kind > > of anonymity. > > As an example we could imagine something like > > <http://udd.debian.org/resources/account/6688a14521cd97db162af8f9757f2e2232300e50> > > > > as being one of my emails/accounts URI to fetch Debian facts about me > > (like the bugs I reported, etc.). > > > > So if there's a table that directly maps those SHA1 of the mailto:email > > of the current carnivore_email and of the current bugs:submitter, that > > will be really straightforward to make the query and format the results > > as RDF. > > > > I hope I understood your question and responded to it, although I'm not > > completely sure (too much brain overload). > > Oh, so the idea is to never export email addresses in RDF, but only sha1 > hashes of email addresses. To make this easier, the DB will contain a > mapping between emails sha1s. > > Is it really necessary to hide them behind sha1 hashes? If the only > concern is anonymity, I'm not sure that we should hide email addresses. > After all, all the information is already public and easy to browse. See > http://bugs.debian.org/cgi-bin/pkgreport.cgi?submitter=lucas%40lucas-nussbaum.net, > for example.
That's not absolutely necessary, and agree on the fake anonymity, but that's a usual habit in FOAF instead of plain email : http://xmlns.com/foaf/spec/#term_mbox_sha1sum In the absence of an express consent of the Debian reporters to see their plain emails in such RDF, maybe that's a wise default to use SHA1... until people complain and plain email seems more useful. > > Regarding URI-compatibility, wouldn't it be possible to use > lucas%40lucas-nussbaum.net instead of a hash? I suppose. Maybe once/if this is necessary/allowed only ? In any case, the SHA1 is useful to match FOAF profiles with bug reports. So even if you don't know the person's email and they just present their FOAF "identity" to you : you'll still be able to fetch their bugs anyway (and know their email, then, but you may not be forced to display it in such case ;). Hope this is clearer now. Best regards, -- Olivier BERGER <olivier.ber...@it-sudparis.eu> http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC Ingénieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) -- To UNSUBSCRIBE, email to debian-qa-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
