RE: [gnso-ff-pdp-may08] Regarding private/sensitive information
- To: <gaaron@xxxxxxxxxxxx>, "'Fast Flux Workgroup'" <gnso-ff-pdp-May08@xxxxxxxxx>
- Subject: RE: [gnso-ff-pdp-may08] Regarding private/sensitive information
- From: "Mike O'Connor" <mike@xxxxxxxxxx>
- Date: Wed, 16 Jul 2008 09:04:35 -0500
Hi Greg n'Mike,
I don't really find it satisfactory either, but I don't see a way to
arrive at a secure solution (and figuring one out is outside the
scope of our endeavor). The puzzler with the private wiki is that
we don't really have a mechanism to keep that information
private. None of us are under any kind of constraint when it comes
to reposting that information elsewhere (either to our public
lists/wiki, or to friends and associates). That's what I was
referring to when I mentioned the problems associated with becoming
the "leak police."
So again, I would discourage people from sharing sensitive
information with this particular group -- we're really not
constructed to protect it.
Sorry to be the bearer of bad news, but I just don't see a practical
solution. Contracts or non-disclosure agreements? Ugh, too hard,
too slow, too distracting. Not to mention alien to the open nature
of ICANN conversations.
It seems like what we could do is suggest topics for a study that was
conducted by an easier-to-secure group of people, at some future
date. But I'm pretty convinced that the best course for *us* is a
If anybody's got a practical solution to this puzzler, I'm all ears though.
At 08:55 AM 7/16/2008, Greg Aaron wrote:
I don't feel that solution is satisfactory. The info I mailed was of
interest to the entire group, and solicited the collective expertise of the
Perhaps we should work on making the private wiki a more conducive place for
posting threads of this nature? We need a place where sensitive information
is visible to the entire group. And may be counterproductive to have
totally offline, side conversations that miss someone who may have something
pertinent to say.
[mailto:owner-gnso-ff-pdp-may08@xxxxxxxxx] On Behalf Of Mike O'Connor
Sent: Wednesday, July 16, 2008 9:01 AM
To: Fast Flux Workgroup
Subject: [gnso-ff-pdp-may08] Regarding private/sensitive information
I've had a chance to sleep on the puzzler of maintaining private
*and* public conversations for the working group.
I've arrived at the following. Given the nature of our group, I
think private-list conversation isn't really feasible. So I'd like
to propose the following;
- Posts to the group are public
- Private/sensitive information can be exchanged between individuals,
off-list, based on individual trust relationships
- Conclusions from those private conversations can be sanitized and
posted to the public list
Simple, no? I've had several off-list conversations about this and
have concluded that handling "leak containment" is beyond me. :-)
So -- don't post sensitive information to the list.
No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.138 / Virus Database: 270.4.11/1554 - Release Date:
7/15/2008 6:03 PM