Re: desktopsummit registration forces gnome users to have a kde identity

From: Ben Cooksley <bcooksley kde org>
To: Olav Vitters <olav vitters nl>
Cc: ds-team desktopsummit org, Foundation-List <foundation-list gnome org>
Subject: Re: desktopsummit registration forces gnome users to have a kde identity
Date: Fri, 11 Mar 2011 08:23:42 +1300

On Fri, Mar 11, 2011 at 8:14 AM, Olav Vitters <olav vitters nl> wrote:
> On Fri, Mar 11, 2011 at 07:57:53AM +1300, Ben Cooksley wrote:
>> Due to the way the application is built, a entirely seperate copy of
>> the application would have to be set up, and it would administer the
>> same data.
>
> Ok, seems too much effort.
>
>> >  * guarantee that my details are only used for Desktop Summit (e.g.
>> >   hidden field which stores this only for identity.desktopsummit.org so
>> >   details can be deleted afterwards)
>> >  * some kind of privacy policy explanation + guarantee (from KDE towards
>> >   Desktop Summit -- I mean this in a legal sense, no problems trusting
>> >   KDE... but you could theoretically have legal issues. Usually you
>> >   cannot just share privacy related information with another
>> >   organisation)
>>
>> The privacy policy for KDE Identity is summarised as such here -
>> http://community.kde.org/Sysadmin/IdentityFAQ
>> In terms of user data, it is never shared with outside organisations.
>> The only time information is shared outside of Identity itself is when
>> you login to applications such as desktopsummit.org, then your name,
>> username and email address are provided.
>>
>> Implementing such a checkbox for further privacy is not feasible (due
>> to the fact that accounts can never be deleted and your details will
>> never be shared assuming you never login anywhere again)
>
> I somewhat dislike always having a lingering account @ KDE that I never
> use, check or do anything with
>
> Could you add the privacy link on identity.kde.org? I'm sure everyone at
> KDE knows what it does and what it is for. But for me, it feels weird
> (as in: assume it would be an error to go from desktopsummit.org site to
> a KDE site).

Certainly can be done.

>
> If I read
> http://community.kde.org/Sysadmin/IdentityFAQ
>
> I see something about ' breaking this when used in your password. You're
> escaping everything going to SQL/LDAP I assume? Gets me a bit paranoid.

Everything is escaped, this is php safe mode causing that to occur, it
automatically escapes it. In terms of LDAP interaction, everything is
escaped as far as I know. It doesn't have an SQL database.

>
> On the privacy policy, it mentions under 'You are a user':
>  Full name (incl.titles): d
>  Email address d
>  Username d
>
> Where 'd' stands for:
>  'You will see this info from developers'.
>
> I don't really understand this, as there is another 'You are a
> developer' option. So if I am a GNOME person, I'll fall under 'user'.
> But why have a user section and mention that full name/email address and
> username is shared if you're a developer? Doesn't seem logical
> especially as you mention that details wont be shared:)

That table indicates what you will see, not whom will see your data.
As user isn't listed there, that means that nobody other than
sysadmins can access your (user) data.

>
>
> --
> Regards,
> Olav
>

Regards,
Ben

References:
- Re: desktopsummit registration forces gnome users to have a kde identity
  - From: Frederic Muller
- Re: desktopsummit registration forces gnome users to have a kde identity
  - From: Olav Vitters
- Re: desktopsummit registration forces gnome users to have a kde identity
  - From: Ben Cooksley
- Re: desktopsummit registration forces gnome users to have a kde identity
  - From: Olav Vitters

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]