[openstack-dev] [Glance] IRC logging
Sean Dague
sean at dague.net
Tue Jan 13 13:27:58 UTC 2015
On 01/13/2015 08:01 AM, Thierry Carrez wrote:
> Kuvaja, Erno wrote:
>> [...]
>> 1) One does not need to express themselves in a way that is for public. ( Misunderstandings can be corrected on the fly if needed. ) There is no need to explain to anyone reading the logs what you actually meant during the conversation month ago.
>> 2) there is level of confidentiality within that defined audience. ( For example someone not familiar with the processes thinks they have found security vulnerability and comes to the IRC-channel to ask second opinion. Those details are not public and that bug can still be raised and dealt properly. Once the discussion is logged and the logs are publicly available the details are publicly available as well. )
>> 3) That defined audience does not usually limit content. I have no problem to throw my e-mail address, phone number etc. into the channel, I would not yell them out publicly.
>> [...]
>
> All 3 arguments point to issues you have with *public* channels, not
> *logged* channels.
>
> Our IRC channels are, in effect, already public. Anyone can join them,
> anyone can log them. An embargoed vulnerability discussed on an IRC
> channel (logged or not) should be considered leaked. I agree that
> logging makes it easier for random people to access that already-public
> information, but you can't consider an IRC channel private (and change
> your communication style or content) because it's not logged by eavesdrop.
>
> What you seem to be after is a private, invitation-only IRC channel.
> That's an orthogonal issue to the concept of logging.
Honestly, I do think it's probably worth having an OpenStack wide bit of
guidance here, especially now that every project has felt the need to
spin up their own channel instead of using #openstack-dev (which is
currently mostly void of content).
Not having these logs means we often are missing important parts of
historical context when decisions are made, because a lot more design is
happening in unarchived formats than archived ones.
-Sean
--
Sean Dague
http://dague.net
More information about the OpenStack-dev
mailing list