2008/6/24 Dan Price <[EMAIL PROTECTED]>: > On Tue 24 Jun 2008 at 06:32PM, Christopher Kampmeier wrote: >> It seems like even IPS itself could sense movement of an IPS image and >> force a UUID reset or unset automatically. Failing that, image >> management tools such as an installer could force a reset. > > The definition of "movement" is tricky. Unless you want to do something > icky like compare inodes, I'm not sure how to do this. Maybe I'm > overlooking something obvious. > >> >One of the comments that Stephen supplied in this thread was that the >> >>UUID should be opt-out, not opt-in. >> > >> I'm expecting that this will be handled by an installer. A UUID cannot >> be set for a pre-installed image that is copied from a CD or downloaded >> because then everyone would have the same one. So it has to be set by >> the installer (by calling --reset-uuid). That part will be automatic, >> and to opt out, someone can run --unset-uuid. > > I was wondering why we'd do this by setting and unsetting the UUIDs > in this way-- let's just always maintain a UUID for every image, and > then let the user select whether that UUID is transmitted or not. > > As an aside: I would like the design to be flexible with respect to > opt-in-by-default or opt-out-by-default, in case we need to alter that > setting in the future. > > I passed this along to Stephen, and will share it here: > http://john.jubjubs.net/2008/05/13/mozilla-firefox-data/ > (see especially the comments). > > The redux is that different people in different parts of the world > have different opinions about anonymity and privacy. We may think > those terms are either fairly black and white, or fairly static, but they > aren't. Staying flexible here may be important.
I'd have to echo the same concern. Ubuntu's package popularity contest is also a good example of this. It's something you're explicitly asked to opt-in to at some point (when I don't remember). However, we also probably need a policy on the server side so that depot servers can refuse connections from clients who don't provide this information (I could see that being very useful in a corporate environment). Although, with client certificates, that may provide the same purpose (i.e. you can't connect without a client certificate, and obviously the certificate can provide a unique identifier of sorts). -- Shawn Walker _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
