[datatracker-rqmts] Publicly-readable and private/anonymous lists
Paul Hoffman <paul.hoffman@vpnc.org> Wed, 08 December 2010 02:37 UTC
Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: datatracker-rqmts@core3.amsl.com
Delivered-To: datatracker-rqmts@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0F2C03A6848 for <datatracker-rqmts@core3.amsl.com>; Tue, 7 Dec 2010 18:37:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.427
X-Spam-Level:
X-Spam-Status: No, score=-101.427 tagged_above=-999 required=5 tests=[AWL=0.619, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XOvi5XgB4JRs for <datatracker-rqmts@core3.amsl.com>; Tue, 7 Dec 2010 18:37:30 -0800 (PST)
Received: from hoffman.proper.com (Hoffman.Proper.COM [207.182.41.81]) by core3.amsl.com (Postfix) with ESMTP id 3B84E3A6825 for <datatracker-rqmts@ietf.org>; Tue, 7 Dec 2010 18:37:30 -0800 (PST)
Received: from [10.20.30.150] (75-101-30-90.dsl.dynamic.sonic.net [75.101.30.90]) (authenticated bits=0) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id oB82ctET039589 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <datatracker-rqmts@ietf.org>; Tue, 7 Dec 2010 19:38:56 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Mime-Version: 1.0
Message-Id: <p0624081bc9249d506bb8@[10.20.30.150]>
Date: Tue, 07 Dec 2010 18:36:12 -0800
To: datatracker-rqmts@ietf.org
From: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset="us-ascii"
Subject: [datatracker-rqmts] Publicly-readable and private/anonymous lists
X-BeenThere: datatracker-rqmts@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <datatracker-rqmts.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/datatracker-rqmts>, <mailto:datatracker-rqmts-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/datatracker-rqmts>
List-Post: <mailto:datatracker-rqmts@ietf.org>
List-Help: <mailto:datatracker-rqmts-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/datatracker-rqmts>, <mailto:datatracker-rqmts-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Dec 2010 02:37:32 -0000
Greetings again. It's time to spin up this list again, and a few people have told me that specifying how public lists are publicly-readable and how private/anonymous lists are created and managed will unblock a bunch of other open issues. There was a lot of interest in these topics at the mic in Beijing.
The current text is below. This is just starting text, and it doesn't cover the idea that some private/anonymous lists might have publicly-readable counterparts if the list owner wants.
So, please say what you think should be done here. Do you have a preference between private and anonymous? Do you have ideas for public lists?
To facilitate the discussion, there will be a WebEx-based telechat on Friday, December 17. Information on that comes in the next message. If we have great consensus before the telechat, we can use that time to move on other open issues.
--Paul Hoffman
======================================
2.1.3. Requirement: Some lists must be able to be private or anonymous
Seeing a list of drafts that covers multiple areas of interest can
tell you something about the person who created the list. For
example, you might be able to guess that they might be looking for a
job in a different field by looking at their list of drafts of
interest. Of course, anyone can follow individual drafts today
without having that be exposed; however, following a particular group
of drafts can reveal information about a person.
There is a open issue about whether lists should be default be
private/anonymous or public, and how that default should be manifest
in the eventual UI for creating lists.
The first proposed methods that might keep lists private/anonymous
are:
o Private lists might only be available using passwords or some
other common authentication mechanism. This would require that
the Datatracker have a subscription process for users that could
assign passwords, and a per-user process for adding lists to a
user account. (If the current Datatracker username and login
scheme is used, the interface needs to be improved so that getting
a new login, and changing one's password, are significantly
easier.)
o Anonymous lists might be assigned random URLs from a very large
(2^128) namespace, and the user who creates a list does not tell
others the assigned URL. This method makes it impossible for
someone to search the entire set of assigned lists. Given that
the URLs for lists are most likely going to be copy-and-pasted
anyway, having long random strings in the list's URL is not an
impediment.
2.1.4. Requirement: It must be easy for IETF leadership and individuals
to make lists they create publicly-readable
Private or anonymous lists are fine for individuals, but publicly-
readable lists can magnify the value to the whole community. In
fact, some early commenters on this document emphasized that
publicly-readable lists will be more valuable to the IETF than
helping individuals track documents that are only of interest to
them.
Probably the easiest method to implement publicly-readable lists is
to make them read-only aliases for private or anonymous lists. This
would allow the list originators to control the contents of the list
as normal, but also allow anyone to view the results in the
Datatracker and/or subscribe to notifications. There may be other
methods that would also make sense, and this section might change in
the future.
Publicly-readable lists should have short URLs that can be
transcribed without relying on copy-and-paste. The names in the URLs
for lists that are associated with IETF activities (initially, the
lists created by WG chairs and ADs) can be mnemonic, but other public
lists should have names that are not mnemonic in order to prevent
name-squatting.
It is important to note that publicly-readable lists can only be
changed by the owners. Allowing many people to change the contents
of a list would probably lead to lists that are not very useful to
typical users.
Proposed later requirements include having the Datatracker list all
of the publicly-readable lists (or certainly at least the ones
associated with IETF activities), and having links from WG pages in
Datatracker to the publicly-readable lists maintained by the WG
chairs.
- [datatracker-rqmts] Publicly-readable and private… Paul Hoffman
- Re: [datatracker-rqmts] Publicly-readable and pri… Henrik Levkowetz
- Re: [datatracker-rqmts] Publicly-readable and pri… Russ Housley
- Re: [datatracker-rqmts] Publicly-readable and pri… Jim Schaad
- Re: [datatracker-rqmts] Publicly-readable and pri… Paul Hoffman
- Re: [datatracker-rqmts] Publicly-readable and pri… Russ Housley
- Re: [datatracker-rqmts] Publicly-readable and pri… Jim Schaad
- Re: [datatracker-rqmts] Publicly-readable and pri… Jim Schaad
- Re: [datatracker-rqmts] Publicly-readable and pri… Tero Kivinen
- Re: [datatracker-rqmts] Publicly-readable and pri… Henrik Levkowetz
- Re: [datatracker-rqmts] Publicly-readable and pri… Henrik Levkowetz
- Re: [datatracker-rqmts] Publicly-readable and pri… Russ Housley
- Re: [datatracker-rqmts] Publicly-readable and pri… Paul Hoffman