On Tue, Sep 13, 2016 at 02:04:19PM +0200, Thibaut Paumard wrote:
> My understanding is that at least some of us don't want a generic
> process right now, but would be quite fine with someone trying to work
> out a process that works for a well defined subset of debian-private.

That's... an interesting point.

It is obviously okay for anyone who posted to disclose what they wrote
to -private at any point; maybe a feasible and interesting starting
point would be a service that lets people easily disclose their own old
mails to -private.

 - track quoted text to previous -private mails; if they're released,
   quoted text can be released too, if not it should be redacted

 - check Message-Ids References and In-Reply-To headers, if a
   Message-Id from another -private post that's not disclosed is
   referenced, redact it

 - track disclosed participants in a thread (based on From: address),
   and redact names/addresses in To: Cc: Bcc: Mail-Followup-To: and
   Reply-To: headers if that name/address isn't disclosed elsewhere in
   the thread. Maybe headers from the initial mail to a thread are okay
   to disclose, whenever the initial mail gets disclosed.

 - requests for the service to disclose an email could require a
   signature by a key in the current DD/DC keyring with a name or email
   address that matches the "From:" field?

It'd require some moderately clever coding to get the quoted redactions
done, and I'm not sure how hard it would be to write a secure service
that handles gpg-signed requests, so maybe that's still too hard of
course. Maybe you could avoid the gpg-signed bit by just using sso.d.o
or a group-writable directory with the sticky-bit set or something.
(gpg signatures would prevent the admin of the service from being able
to untraceably disclose other people's mails, or people disclosing their
own mails then claiming the admin did it without their permission
though)

I think that if that was implemented, a bunch of interesting old mails
could and would get disclosed, without having too much politics to worry
about...

(If you couldn't easily disclose your own mails while redacting quoted
text and other participants, I think there'd still be lots of
complaints)

In theory, a service like that could be used by other groups (in Debian
and outside) that have private email discussions and a desire to be more
transparent. (Except for the gpg part I guess...)

Cheers,
aj
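
Added example, not part of the original mail and not code from any Debian service: the first three redaction rules from the list above (quoted text, Message-Id references, recipient headers) applied to one mail in Python. The function name, its parameters, the exact-line matching of quoted text and the sample mail are assumptions made for illustration; signed disclosure requests and multipart mails are not covered.

```python
import re
from email import message_from_string
from email.utils import getaddresses

REDACTED = "[redacted]"
ADDR_HEADERS = ("To", "Cc", "Bcc", "Mail-Followup-To", "Reply-To")
REF_HEADERS = ("References", "In-Reply-To")

# Constructed sample: carol wrote mail 1 (released), bob wrote mail 2 (not released).
SAMPLE = """\
From: alice@example.org
To: bob@example.org, carol@example.org
Message-Id: <3@example.org>
In-Reply-To: <2@example.org>
References: <1@example.org> <2@example.org>
Subject: Re: sample

> > released line from mail 1
> unreleased line from mail 2
My own reply.
"""

def redact_for_release(raw, released_ids, disclosed_addrs, released_lines):
    """Redact one single-part text mail before its author discloses it.
    released_ids: Message-Ids already disclosed; disclosed_addrs: lower-case
    From: addresses disclosed in the thread; released_lines: stripped body
    lines of released mails (exact-line matching is an assumption)."""
    msg = message_from_string(raw)
    for h in REF_HEADERS:  # references to undisclosed Message-Ids
        if msg[h]:
            ids = re.findall(r"<[^<>\s]+>", msg[h])
            kept = [i if i in released_ids else REDACTED for i in ids]
            del msg[h]
            msg[h] = " ".join(kept)
    for h in ADDR_HEADERS:  # recipients not disclosed elsewhere in the thread
        if msg[h]:
            addrs = [a for _, a in getaddresses(msg.get_all(h))]
            kept = [a if a.lower() in disclosed_addrs else REDACTED for a in addrs]
            del msg[h]
            msg[h] = ", ".join(kept)
    out = []
    for line in msg.get_payload().splitlines():  # quoted text of unreleased mails
        m = re.match(r"((?:>\s?)+)(.*)$", line)
        text = m.group(2).strip() if m else ""
        if text and text not in released_lines:
            line = m.group(1) + REDACTED
        out.append(line)
    msg.set_payload("\n".join(out) + "\n")
    return msg
```

Calling it on SAMPLE with mail 1 released and alice and carol disclosed keeps the line quoted from mail 1 and carol's address, and redacts bob's address, the reference to mail 2 and the line quoted from it. Attribution lines such as "On ..., X wrote:" also name the quoted author and are not handled here.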