[openstack-dev] The root-cause for IRC private channels (was Re: [all][tc] Lets keep our community open, lets fight for it)

Stefano Maffulli stefano at openstack.org
Tue Feb 17 17:32:53 UTC 2015


Changing the subject since Flavio's call for openness was broader than
just private IRC channels.

On Tue, 2015-02-17 at 10:37 +0000, Daniel P. Berrange wrote:
> If cases of bad community behaviour, such as use of passwd protected
> IRC channels, are always primarily dealt with via further private
> communications, then we are denying the voters the information they
> need to hold people to account. I can understand the desire to avoid
> publically shaming people right away, because the accusations may be
> false, or may be arising from a simple mis-understanding, but at some
> point genuine issues like this need to be public. Without this we make
> it difficult for contributors to make an informed decision at future
> elections.

You got my intention right: I wanted to understand better what lead some
people to create a private channel, what were their needs. For that
objective, having an accusatory tone won't go anywhere and instead I
needed to provide them a safe place to discuss and then I would report
back in the open.

So far, I've only received comments in private from only one person,
concerned about public logging of channels without notification. I
wished the people hanging out on at least one of such private channels
would provide more insights on their choice but so far they have not.

Regarding the "why" at least one person told me they prefer not to use
official openstack IRC channels because there is no notification if a
channel is being publicly logged. Together with freenode not obfuscating
host names, and eavesdrop logs available to any spammer, one person at
least is concerned that private information may leak. There may also be
legal implications in Europe, under the Data Protection Directive, since
IP addresses and hostnames can be considered sensitive data. Not to
mention the casual dropping of emails or phone numbers in public+logged
channels.

I think these points are worth discussing. One easy fix this person
suggests is to make it default that all channels are logged and write a
warning on wiki/IRC page. Another is to make the channel bot announce
whether the channel is logged. Cleaning up the hostname details on
join/parts from eavesdrop and put the logs behind a login (to hide them
from spam harvesters). 

Thoughts?

/stef




More information about the OpenStack-dev mailing list