On 8-Jul-06, at 4:22 PM, spf-discuss(_at_)v2(_dot_)listbox(_dot_)com wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark Wolk wrote:
I am the person who originally raised this issue, and I still think
that the form at http://new.openspf.org/Contact is unclear. When
reading that page, my understanding is that enquiries sent through
that form will be visible to a small circle of people ("discussed
publicly by project staff"). As long as that form goes to the list,
the reality is that it will be visible to the world, searchable by
Google, spambots etc. Try this search on Google (with all quotes):
""Sending stuff from the "Contact" page to spf-discuss"
and you'll find this entire discussion thread on 5 websites. That is
quite a sizeable difference, in my opinion. I am willing to share my
email addresses and other stuff with a circle of SPF experts and
enthusiasts, but not with the entire world!
Look, you are really missing the meaning of the word "publicly".
It does
NOT mean "among a closed a circle of SPF experts and enthusiasts",
even if
the discussing itself is done only by "a circle of SPF experts and
enthusiasts". It means "the entire world can watch".
I have no opinion as to whether that form should or should not be
redirected on this list; but I think if it is redirected to the list,
senders should understand clearly that whatever they write will be
visible to the world.
I have added "Those mailing lists are publicly readable by
everyone." to
the "Note" on the contact form. This is about as explicit as I'm
willing
to get. There's simply no point in making a five paragraph long
statement
if people don't even read the first sentence properly.
I'm sure you don't expect us to say that public submissions "will
end up on
Google" or something. If people don't understand the concept of a
"public
mailing list", then they should entertain some common sense, do some
research, or refrain from making a public submission. I don't
think this
is an unreasonable expectation on our side.
Anyway, thank you for raising your concerns.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEq5tMwL7PKlBZWjsRAukXAKDpt2E6XMkSQzmmjbGBmPlty1RTRQCfYP8j
u5tvUVT7zPH32Y6l6XzMKlw=
=+sRE
-----END PGP SIGNATURE-----
I have to agree with Julian here. The word "publicly" definitely
means that the discussion will be open to the world. Had it only
said, "discussed by project staff," then I would expect the
discussion to be held 'privately' amongst project staff.
It's clear though due to this discussion that there is room for
improvement on that page. May I make a suggestion.
Change the confidentiality statement just above the form so that it
reads as follows:
Confidentiality:
Submissions that are marked as 'Confidential' will be kept private
and only be discussed amongst project staff.
Submissions that are marked as 'Not Confidential' may be discussed
publicly on the various project's mailing lists. Your name,
organization, email address, domain name, etc., if submitted, will be
included.
Please note that the project's mailing list's are open to and
searchable by the general Internet population.
Change the pull-down menu in the form to radio buttons. One for
'Confidential' and the other for 'Not Confidential.' Remove all other
wording, except the label "* Confidentiality," since the policy is
clearly stated above the form.
--
Gino Cerullo
Pixel Point Studios
21 Chesham Drive
Toronto, ON M3M 1W6
T: 416-247-7740
F: 416-247-7503
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
smime.p7s
Description: S/MIME cryptographic signature