[newmaint-site] contributors.debian.org milestones

Enrico Zini enrico at enricozini.org
Mon Oct 28 20:48:38 UTC 2013


I spent some time thinking about what's missing to get DC going, and I
came up with 3 milestones. Here they are:

Milestone 1: proof of concept

 - We show only data from @debian.org and @users.alioth.debian.org
   accounts, which we can safely assume it can be made public without
   asking first.
 - We document how to build data mining scripts.
 - We call for teams to start experimenting with sending data to the

Milestone 2: moar data sources
(possibly taking advantage of the minidebconf in Cambridge)

 - We lobby teams for setting up data mining scripts and posting data to
   the site. We can help them set these up, but they should ultimately
   be the responsibility of the teams themselves.

Milestone 3: moar identifiers

 - Get more kinds of identifiers into the mix: emails, gpg fingerprints,
   wiki names.

   This needs figuring out both privacy requirements and integrity
   requirements: we need to avoid to open trolling avenues, like sending
   one silly bugreport a week as debiansux at ownyouftw.troll to get into
   the list. Identifiers should be somehow tied to reputation that is
   built up with constructive work: if one wants to have
   debiansux at ownyouftw.troll end up in the list, they need to earn it

   Two possible ideas:

    - one needs to have a gpg key with a trust path leading to the
      strongly connected set;
    - the initial opt-in is initiated with a mail from the Debian
      Welcome Team, and they might decide to wait a bit and see when
      they notice a suspicious identifier.

   But really, different identifiers may have different requrements,
   we'll see it when we get there. As data flows in from new data
   sources, we should start getting some idea.

   For example, emails in debian/changelog, since a DD signs for its
   integrity, can be trusted differently than emails from the BTS, where
   anyone can post.

 - Identity management needs to be implemented, and this probably means
   waiting until after the single signon sprint meeting that should
   happen in January. Too much information is missing now to make good



GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enrico at enricozini.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/newmaint-site/attachments/20131028/999f81a8/attachment.sig>

More information about the newmaint-site mailing list