When we developed the arc publishing tool, we explicitly designed it to look for the Sun Information Protection Policy's required phrasing of "Sun Proprietary" and/or "Sun Confidential". All official "non-open" documents from Sun are required to use those forms, and the SAC/ARC templates used them as boilerplate.
The consensus at that time (from both eng mgt and legal) was that we should block anything that had the proper notice form and allow things that did not. It was important to NOT block conversations that included the random words "Sun", "Proprietary" and/or "Confidential", since unless they were in the dictated Sun SPF/IPP form, they were not sufficient IP protection in the first place (i.e., the phrase "I wonder if Sun thinks that this email is Proprietary?" conveys absolutely no IP protection to myself or to Sun, and thus should not be blocked or redacted). Unfortunately, AlanB seems to have unilaterally decided to reinterpret things to broaden the blocking mechanism from the original requirement of "Sun Confidential notices must be removed" to the new "any mention of the words proprietary or confidential must be removed". Worse, he seems unable or unwilling to believe that he may have overreacted or misunderstood the requirements... AlanB wrote: > Trusting people to be diligent clearly doesn't work. But it does. Blocking things with the specific IPP required phrases means that people don't have to be perfect - if they mess up and overlook something, it is still protected. Unfortunately, by changing the rules to diverge from Sun's policy requirements, you have created a set of documents that are false positives that are absolutely not due to a lack of diligence on the author/owner's part. In the larger picture, building distributed systems means building in robustness and allowing the actors in the system to be less than perfect. Out of the 10,000+ files in the exposed ARC archive, by your count, more than 250 have the word confidential or proprietary in them. By my count last November, less than a dozen had one of the formal IPP forms in them. Can you show that any of the additional ~240 files you found are actual violations of Sun's IPP policy, or are you simply making additional useless work for the case owners? Garrett wrote: > IMO, there needs at minimum to be an override mechanism, where a file can be > blessed as not having any bad assertions, without requiring the *content* of > said file to be altered. I have to disagree, strongly. If the file says "Sun Confidential" or "Sun Proprietary", it can NOT be published unless (at a minimum) those restrictive words are removed. In the same way that plastering a confidential notice on all your outgoing email tends to dilute your claims, publishing protected things in violation of their labeling dilutes Sun's. If a labeled thing needs to be published, someone with authority MUST read the document, redact the proprietary bits (if any still exist) and relabel it to indicate it is now in publishable form. -John _______________________________________________ website-discuss mailing list [email protected]
