On 01/13/2015 08:01 AM, Thierry Carrez wrote:
> Kuvaja, Erno wrote:
>> [...]
>> 1) One does not need to express themselves in a way that is for public. (
>> Misunderstandings can be corrected on the fly if needed. ) There is no need
>> to explain to anyone reading the logs what you actually meant during the
>> conversation month ago.
>> 2) there is level of confidentiality within that defined audience. ( For
>> example someone not familiar with the processes thinks they have found
>> security vulnerability and comes to the IRC-channel to ask second opinion.
>> Those details are not public and that bug can still be raised and dealt
>> properly. Once the discussion is logged and the logs are publicly available
>> the details are publicly available as well. )
>> 3) That defined audience does not usually limit content. I have no problem
>> to throw my e-mail address, phone number etc. into the channel, I would not
>> yell them out publicly.
>> [...]
>
> All 3 arguments point to issues you have with *public* channels, not
> *logged* channels.
>
> Our IRC channels are, in effect, already public. Anyone can join them,
> anyone can log them. An embargoed vulnerability discussed on an IRC
> channel (logged or not) should be considered leaked. I agree that
> logging makes it easier for random people to access that already-public
> information, but you can't consider an IRC channel private (and change
> your communication style or content) because it's not logged by eavesdrop.
>
> What you seem to be after is a private, invitation-only IRC channel.
> That's an orthogonal issue to the concept of logging.
Honestly, I do think it's probably worth having an OpenStack wide bit of
guidance here, especially now that every project has felt the need to
spin up their own channel instead of using #openstack-dev (which is
currently mostly void of content).
Not having these logs means we often are missing important parts of
historical context when decisions are made, because a lot more design is
happening in unarchived formats than archived ones.
-Sean
--
Sean Dague
http://dague.net
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
