Re: Search Archives! Help Full
Re: Search Archives! Help Full
- Subject: Re: Search Archives! Help Full
- From: Chuq von Rospach <email@hidden>
- Date: Thu, 01 Nov 2001 11:00:46 -0800
On 11/1/01 10:03 AM, "Hellum Timothy" <email@hidden> wrote:
>
Ummm. Isn't it illegal to capture and post email from Apple archives?
Not necessarily. We try to be accomodating to people who want to set up
external archives when we can, and we've tried to avoid formal thou-shall's
and thou-shall-nots so we have the flexibilty to support interesting Good
Stuff.
There are certain things we require if someone wants to set up a public
archive. One of the things I've discussed internally with people is whether
we can continue with this informal, "do the right thing" approach, and it's
becoming more clear that we can't (FWIW, Kevin's stuff has nothing to do
with this, I'd decided that about a week ago).
So, I am going to, I guess, have to set up a formal policy on archive access
and publishing, and then anyone doing a public archive of some sort is going
to have to either agree to abide by it or we'll have to ask them to close it
off. Most folks are mostly reasonable -- we just keep having issues with
people who don't stop to think about what putting everyone's email addresses
up on a web site means. As I said earlier, security by obscurity doesn't
work -- even if you don't publish the URL, if you post it to this list, all
it takes is someone on this list forwarding it to another list that doesn't
bother to protect ITS archives, and it's only a matter of time before the
spambots find you.
We are quite serious about protecting email addresses here, but it's
meaningless if we do it and others simply grab the data and expose it behind
our back. We are, in fact, working on a project to evaluate and upgrade our
archive security over the next few months, before the spambots get smart
enough to figure out what we're doing.
We ARE going to move to an explicit policy of "you cannot have a publically
accessible archive of our mailing lists without explicit permission from
Apple" -- but at the same time we do that, I want to set up a policy that is
reasonable, fair, and not overly paranoid, anal or obnoxious. We just can't
keep policing things with a "if we find out about you, and you don't meek
our standards, we have to talk" -- that just isn't working on any number of
levels, starting with the reality that if we don't publish "our standards",
how do you know whether you meet them?
So no, it's not illegal, but you don't have carte blanche to do what you
want, either. I need to work out a reasonable trade-off here between
allowing the openness for innovation and alternative access I want with the
security for our users we have to have, and a way to police and administer
that is not noxious but still enforceable. It's something I plan on trying
to pull together while on vacation, when I have time to sit and think it
over.
Chuq
--
Chuq Von Rospach, lists.apple.com Lead Administrator
email@hidden