RE: [gnso-ff-pdp-may08] Regarding private/sensitive information

["Mike O'Connor" <mike@xxxxxxxxxx>]

Hi Greg n'Mike,

I don't really find it satisfactory either, but I don't see a way to 
arrive at a secure solution (and figuring one out is outside the 
scope of our endeavor).   The puzzler with the private wiki is that 
we don't really have a mechanism to keep that information 
private.  None of us are under any kind of constraint when it comes 
to reposting that information elsewhere (either to our public 
lists/wiki, or to friends and associates).  That's what I was 
referring to when I mentioned the problems associated with becoming 
the "leak police."
So again, I would discourage people from sharing sensitive 
information with this particular group -- we're really not 
constructed to protect it.
Sorry to be the bearer of bad news, but I just don't see a practical 
solution.  Contracts or non-disclosure agreements?  Ugh, too hard, 
too slow, too distracting.  Not to mention alien to the open nature 
of ICANN conversations.
It seems like what we could do is suggest topics for a study that was 
conducted by an easier-to-secure group of people, at some future 
date.  But I'm pretty convinced that the best course for *us* is a 
public conversation.
If anybody's got a practical solution to this puzzler, I'm all ears though.

m

At 08:55 AM 7/16/2008, Greg Aaron wrote:
> Dear Mike:
>
> I don't feel that solution is satisfactory.  The info I mailed was of
> interest to the entire group, and solicited the collective expertise of the
> group.
>
> Perhaps we should work on making the private wiki a more conducive place for
> posting threads of this nature?  We need a place where sensitive information
> is visible to the entire group.  And may be counterproductive to have
> totally offline, side conversations that miss someone who may have something
> pertinent to say.
>
> Thanks,
> --Greg
>
>
>
> -----Original Message-----
> From: owner-gnso-ff-pdp-may08@xxxxxxxxx
> [mailto:owner-gnso-ff-pdp-may08@xxxxxxxxx] On Behalf Of Mike O'Connor
> Sent: Wednesday, July 16, 2008 9:01 AM
> To: Fast Flux Workgroup
> Subject: [gnso-ff-pdp-may08] Regarding private/sensitive information
>
>
> Dear all,
>
> I've had a chance to sleep on the puzzler of maintaining private
> *and* public conversations for the working group.
>
> I've arrived at the following.  Given the nature of our group, I
> think private-list conversation isn't really feasible.  So I'd like
> to propose the following;
>
> - Posts to the group are public
>
> - Private/sensitive information can be exchanged between individuals,
> off-list, based on individual trust relationships
>
> - Conclusions from those private conversations can be sanitized and
> posted to the public list
>
> Simple, no?  I've had several off-list conversations about this and
> have concluded that handling "leak containment" is beyond me.  :-)
>
> So -- don't post sensitive information to the list.
>
> onward,
>
> m
>
>
> voice: 651-647-6109
> fax: 866-280-2356
>
> web: www.haven2.com
>
>
>
>
>
> No virus found in this incoming message.
> Checked by AVG - http://www.avg.com
> Version: 8.0.138 / Virus Database: 270.4.11/1554 - Release Date: 
> 7/15/2008 6:03 PM