Brainstorming for DMUP 2.0

| 6 Comments | No TrackBacks
Now that we have released the slightly updated version of Debian's Machine Usage Policy (DMUP), I am thinking about a major rework for the next version. Maybe we should even start with a completely new text for it. I am currently doing a bit of brainstorming about how the new version could look.

Here are some of my ideas (completely unsorted):

  • Debian is not an ISP. All services are offered on a best-effort basis. While we provide @debian.org email addresses, they should only be used for Debian-related work.
  • Debian resources should be used for Debian-related work only. Even though I think this is self-evident, it should be explicitly mentioned.
  • Data meant to be private should stay private, and not mirrored elsewhere. This especially includes log files and subscription data of any kind. I am not sure yet what to do with anonymized data, but in my personal opinion we should not even allow mirrored data of that.
  • Drop large parts of the document and move it to a new document, called Debian Machine Usage Guidelines or Debian Machines Best Practices. Some parts of the current document are outdated, so let's see if we can drop those entirely.
  • We forbid unlawful activities on our machines. Machines should not be used for private financial gain or for commercial purposes.
  • Penalties might need some rework, in coordination with DAM.

Please note that this brain dump is my very personal opinion and does not reflect the opinion of the complete DSA team.

I would like to see a discussion on what the new DMUP should look like. Even though the final decision on which paragraphs make it into DMUP should stay with DSA, I think the Debian community should be involved in the evolution of this document.

Even though i am not attending DebConf10 (actually I think no one from DSA will make it), it might be a good idea if the conference could be used to do some further brainstorming. Maybe having a BoF on DMUP 2.0 might be a good idea.
Share this blog post:   

No TrackBacks

TrackBack URL: http://blog.zobel.ftbfs.de/cgi-bin/tb.cgi/73

6 Comments

When you say illegal, what jurisdiction do you mean? The jurisdiction of the machine, the user, or something else?

"Illegal anywhere" disallows too many things in this stupid world.

Debian resources should be used for Debian-related work only. Even though I think this is self-evident, it should be explicitly mentioned.

I'd like to allow not strictly Debian related, but free software related work to be allowed.

Lars, that is a very good question indeed. We already have this in the current DMUP, in ยง1, where it says "Don't use Debian Facilities for unlawful activities, including, but not limited to, software piracy."

I will keep it on my radar for DMUP 2.0, as it becomes indeed ... interesting... if you think eg. about US laws and Iranian or Cuban OSS community members.

I also think free software work should be allowed, especially upstream work for stuff that will also end up in Debian. (Or some clarification that this is included in Debian-related)

(P.S: When trying to post I get a "invalid request". Trying with iceweasel now instead )

Machines should not be used for private financial gain or for commercial purposes.

What about a DD that does Debian-related work for these purposes? Like working on a package in his payed time (because his employer needs it). As long as this does not conflict with the interests of the Debian project, it should not be forbidden.

Does that "no commercial work" mean that I am not allowed to log into a debian machine for a traceroute to debug international connectivity issues while I'm at work?

Leave a comment

March 2014

Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31