[datatracker-rqmts] Publicly-readable and private/anonymous lists
Paul Hoffman <paul.hoffman@vpnc.org> Wed, 08 December 2010 02:37 UTC
Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: datatracker-rqmts@core3.amsl.com
Delivered-To: datatracker-rqmts@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0F2C03A6848 for <datatracker-rqmts@core3.amsl.com>; Tue, 7 Dec 2010 18:37:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.427
X-Spam-Level:
X-Spam-Status: No, score=-101.427 tagged_above=-999 required=5 tests=[AWL=0.619, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XOvi5XgB4JRs for <datatracker-rqmts@core3.amsl.com>; Tue, 7 Dec 2010 18:37:30 -0800 (PST)
Received: from hoffman.proper.com (Hoffman.Proper.COM [207.182.41.81]) by core3.amsl.com (Postfix) with ESMTP id 3B84E3A6825 for <datatracker-rqmts@ietf.org>; Tue, 7 Dec 2010 18:37:30 -0800 (PST)
Received: from [10.20.30.150] (75-101-30-90.dsl.dynamic.sonic.net [75.101.30.90]) (authenticated bits=0) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id oB82ctET039589 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <datatracker-rqmts@ietf.org>; Tue, 7 Dec 2010 19:38:56 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Mime-Version: 1.0
Message-Id: <p0624081bc9249d506bb8@[10.20.30.150]>
Date: Tue, 07 Dec 2010 18:36:12 -0800
To: datatracker-rqmts@ietf.org
From: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset="us-ascii"
Subject: [datatracker-rqmts] Publicly-readable and private/anonymous lists
X-BeenThere: datatracker-rqmts@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <datatracker-rqmts.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/datatracker-rqmts>, <mailto:datatracker-rqmts-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/datatracker-rqmts>
List-Post: <mailto:datatracker-rqmts@ietf.org>
List-Help: <mailto:datatracker-rqmts-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/datatracker-rqmts>, <mailto:datatracker-rqmts-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Dec 2010 02:37:32 -0000
Greetings again. It's time to spin up this list again, and a few people have told me that specifying how public lists are publicly-readable and how private/anonymous lists are created and managed will unblock a bunch of other open issues. There was a lot of interest in these topics at the mic in Beijing. The current text is below. This is just starting text, and it doesn't cover the idea that some private/anonymous lists might have publicly-readable counterparts if the list owner wants. So, please say what you think should be done here. Do you have a preference between private and anonymous? Do you have ideas for public lists? To facilitate the discussion, there will be a WebEx-based telechat on Friday, December 17. Information on that comes in the next message. If we have great consensus before the telechat, we can use that time to move on other open issues. --Paul Hoffman ====================================== 2.1.3. Requirement: Some lists must be able to be private or anonymous Seeing a list of drafts that covers multiple areas of interest can tell you something about the person who created the list. For example, you might be able to guess that they might be looking for a job in a different field by looking at their list of drafts of interest. Of course, anyone can follow individual drafts today without having that be exposed; however, following a particular group of drafts can reveal information about a person. There is a open issue about whether lists should be default be private/anonymous or public, and how that default should be manifest in the eventual UI for creating lists. The first proposed methods that might keep lists private/anonymous are: o Private lists might only be available using passwords or some other common authentication mechanism. This would require that the Datatracker have a subscription process for users that could assign passwords, and a per-user process for adding lists to a user account. (If the current Datatracker username and login scheme is used, the interface needs to be improved so that getting a new login, and changing one's password, are significantly easier.) o Anonymous lists might be assigned random URLs from a very large (2^128) namespace, and the user who creates a list does not tell others the assigned URL. This method makes it impossible for someone to search the entire set of assigned lists. Given that the URLs for lists are most likely going to be copy-and-pasted anyway, having long random strings in the list's URL is not an impediment. 2.1.4. Requirement: It must be easy for IETF leadership and individuals to make lists they create publicly-readable Private or anonymous lists are fine for individuals, but publicly- readable lists can magnify the value to the whole community. In fact, some early commenters on this document emphasized that publicly-readable lists will be more valuable to the IETF than helping individuals track documents that are only of interest to them. Probably the easiest method to implement publicly-readable lists is to make them read-only aliases for private or anonymous lists. This would allow the list originators to control the contents of the list as normal, but also allow anyone to view the results in the Datatracker and/or subscribe to notifications. There may be other methods that would also make sense, and this section might change in the future. Publicly-readable lists should have short URLs that can be transcribed without relying on copy-and-paste. The names in the URLs for lists that are associated with IETF activities (initially, the lists created by WG chairs and ADs) can be mnemonic, but other public lists should have names that are not mnemonic in order to prevent name-squatting. It is important to note that publicly-readable lists can only be changed by the owners. Allowing many people to change the contents of a list would probably lead to lists that are not very useful to typical users. Proposed later requirements include having the Datatracker list all of the publicly-readable lists (or certainly at least the ones associated with IETF activities), and having links from WG pages in Datatracker to the publicly-readable lists maintained by the WG chairs.
- [datatracker-rqmts] Publicly-readable and private… Paul Hoffman
- Re: [datatracker-rqmts] Publicly-readable and pri… Henrik Levkowetz
- Re: [datatracker-rqmts] Publicly-readable and pri… Russ Housley
- Re: [datatracker-rqmts] Publicly-readable and pri… Jim Schaad
- Re: [datatracker-rqmts] Publicly-readable and pri… Paul Hoffman
- Re: [datatracker-rqmts] Publicly-readable and pri… Russ Housley
- Re: [datatracker-rqmts] Publicly-readable and pri… Jim Schaad
- Re: [datatracker-rqmts] Publicly-readable and pri… Jim Schaad
- Re: [datatracker-rqmts] Publicly-readable and pri… Tero Kivinen
- Re: [datatracker-rqmts] Publicly-readable and pri… Henrik Levkowetz
- Re: [datatracker-rqmts] Publicly-readable and pri… Henrik Levkowetz
- Re: [datatracker-rqmts] Publicly-readable and pri… Russ Housley
- Re: [datatracker-rqmts] Publicly-readable and pri… Paul Hoffman