Google
  Web www.spinics.net

Re: Privacy Policy Concern

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Thu, 08 Mar 2012 17:09:17 -0800
"Karsten 'quaid' Wade" <kwade@xxxxxxxxxx> wrote:

> I understand what you are saying. We have to balance personal rights
> with the rights of the community to know who they are entrusting. The
> "know who" in an online world comes about by interacting with people,
> building trust, and so forth.
> 
> In a simplistic sense, is what you are suggesting is that all FAS
> information be a secret that only a few sysadmins can access? Those
> sysadmins would be the centers of a trust web - I would have to trust
> those sysadmins that there are real people who can be reached (via
> email, for example) behind usernames.
> 
> In order to contact another user who I hadn't personally traded
> addresses with, I would have to use perhaps a web interface? Or would
> username@xxxxxxxxxxxxxxxxx still be accessible information?

I don't think making 'username' private is practical or desirable. 

Our community is a meritocracy (or we would at least like it to be). 
Without some identifier for a persons actions and accomplishments, we
can't know who should be allowed to do more or less based on merit. 

From a technical side, virtually all our tools would stop working or
become useless. ;) Imagine filing a ticket and thinking, "Hey, someone
could fix this, if I only could add them to the ticket to look, oh
well".

> 
> > Further, speaking for myself, when I signed up years ago, I did
> > not realise that: a. I could not change my username after sign up 
> > b. That this information was going to be public. Of course then,
> > legally "you" would say, well we had this 100 page document in our
> > terms and conditions, but does that make it right ?
> 
> I'm unclear here - are you saying it is not your responsibility to
> read and understand terms and conditions of websites you sign up for?
> If it is not your responsibility, whose is it?
> 
> If the document truly were 100 pages ... but I've always seen Fedora
> strive for brevity in all legal documents.

Yeah. This has also been changed... 
if you sign up for a new account now there is a large banner at the
top: 

NOTE: Username is permanent (i.e. it cannot be changed after
registration and will never be deleted from the system). Personal
information may be updated or removed at any time.

See: https://admin.fedoraproject.org/accounts/user/new

...snip renaming... 

> So that use case I suspect won't happen unless you or someone else
> rewrites FAS to allow for it.

Yeah, renaming is a great deal harder than it seems. 

Not only do you need to just rename the user, but you have to update
all groups, change ownership of any files on any machines the old
username had, etc. 

Additionally, it breaks audit trail. 

Say I sign up as 'phred' and gain a bunch of abilities, and I work on a
bunch of things, then rename my account to 'phredq'. Unless there's a
clear and easy to follow audit trail there, if I come along and see
something 'phred' did I have no way to contact them or know who they
are. 

...snip good questions and answers... 

kevin

Attachment: signature.asc
Description: PGP signature

_______________________________________________
legal mailing list
legal@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/legal

[Fedora Users]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]

Powered by Linux

Google
  Web www.spinics.net