From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 13B83138334 for ; Fri, 6 Sep 2019 05:29:26 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 38E6EE0809; Fri, 6 Sep 2019 05:29:25 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 0CEFDE0809 for ; Fri, 6 Sep 2019 05:29:24 +0000 (UTC) Received: from pomiot (c134-66.icpnet.pl [85.221.134.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mgorny) by smtp.gentoo.org (Postfix) with ESMTPSA id 5372C34AD20; Fri, 6 Sep 2019 05:29:23 +0000 (UTC) Message-ID: Subject: Re: [gentoo-nfp] [RFC] Alternative methods for determining 'interest in Foundation affairs' From: =?UTF-8?Q?Micha=C5=82_G=C3=B3rny?= To: gentoo-nfp@lists.gentoo.org Date: Fri, 06 Sep 2019 07:29:19 +0200 In-Reply-To: References: Organization: Gentoo Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-0LqQmJxOEZcTc3M3GUoh" User-Agent: Evolution 3.30.5 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-nfp@lists.gentoo.org Reply-To: gentoo-nfp@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 X-Archives-Salt: cd9a2e14-bfd5-4015-9de4-c57b93067809 X-Archives-Hash: 1c882dc8b55081dd5226569acedc923e --=-0LqQmJxOEZcTc3M3GUoh Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, 2019-09-05 at 13:45 -0700, Alec Warner wrote: > On Thu, Sep 5, 2019 at 1:14 PM Micha=C5=82 G=C3=B3rny = wrote: >=20 > > Hi, everyone. > >=20 > > As some of you have read, I have proposed a new privacy-oriented voting > > frontend for Gentoo [1]. However, the whole idea was rendered pretty > > much pointless by Trustees demanding information on who cast a vote. > > This is currently used to determine 'interest in Foundation', > > and therefore kick inactive Foundation members. To be honest, I think > > it's misguided, for three reasons: > >=20 > > 1. It intrudes on privacy of voters. I suppose it's not *that major* > > but still I don't think it's appropriate to publish a 'shame list' of > > people who haven't voted for whatever reason. > >=20 >=20 > I believe in your right to vote and have the content of the vote be > private. I don't believe in your right to vote anonymously in Foundation > elections. The fact that you voted should be public. The foundation has > minimal requirements for membership; if you don't vote in foundation > affairs (1 vote a year!) then I don't see the point in being a member. It= 's > basically the only difference afforded to members[0]! I don't believe we = do > publish a list of who voted in every election, but we do publish a > membership list and there is definitely a correlation and its intentional= . So, say, if I am actively helping Foundation 8 months a year but I happen to be on long vacation (finally!) during the election (which we're considering shortening, AFAIR), should I be removed? I think you are overestimating the value of a vote. A vote doesn't guarantee that someone is actually interested in anything, or done anything besides SSH-ing to woodpecker or sending a mail. In fact, you're effectively asking people to ask random votes if they don't care but want to stay. I really think it would be better if people voted only if they really wanted to vote, not because otherwise they could be kicked out. > > 2. It introduces a big weakness in the system. My whole idea was to > > make it practically impossible to sniff votes after the election is > > prepared. With this solution, anyone with sufficient privileges > > (election officials, infra) can trivially passively sniff votes. > >=20 >=20 > We need to know who cast votes, we don't need to know the content of the > votes. I assume building such a system is possible (maybe it isn't?) If we need to record both the vote and the attendance simultaneously, it is trivial to match the two. With our voting rate, you don't even have to use inotify() for this, just a periodic look at the server suffices. > > Another option (which some people aren't going to like) is to require > > all Foundation members to be Gentoo devs (but not the other way around)= , > > and then terminate GF membership along with developer status. Given > > that there's only a few non-dev members, and most of them are retired > > devs whose membership simply didn't terminate by existing rules yet, I > > think there shouldn't really be a problem in making the few interested > > members non-commit devs by existing rules. > >=20 >=20 > This doesn't really imply interested in the Foundation either though; > because the developership and Foundation are separate. Chicken and egg. I'm talking about making one subset of the other. > > Finally, if we really don't care we could just send pings and terminate > > membership of people that don't answer in time. This is pretty much > > similar to the current idea with voting, except it doesn't pretend to b= e > > meaningful. > >=20 >=20 > The point of tracking who votes is that votes are nominally the only real > difference between members and non-members; so in the end it's one of the > few ways members can express their interest. If we had shares, then ownin= g > those would be an interest; or donations, or funding requests, or some > other idea. It's funny how money keeps coming up in this topic (it also came up last time when I talked about it) when Bylaws explicitly say that membership cannot be bought. > [0] A plausible reality is that most members don't even have 'an interest= ' > in Foundation affairs and if we increase the minimum requirement for > membership we might see a precipitous drop in member count; we would need > to debate whether or not this is a desired outcome or not. >=20 I think having a quorum is one of the things desired. If Trustees are opposed to lowering the requirement for a quorum, then kicking people who are not really interested is another way of achieving that. --=20 Best regards, Micha=C5=82 G=C3=B3rny --=-0LqQmJxOEZcTc3M3GUoh Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iQGTBAABCgB9FiEEx2qEUJQJjSjMiybFY5ra4jKeJA4FAl1x7q9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEM3 NkE4NDUwOTQwOThEMjhDQzhCMjZDNTYzOUFEQUUyMzI5RTI0MEUACgkQY5ra4jKe JA4/0Af+KsfAAXvNupP00Ae8vEd+G3y5rdYWrp9Kk5ec0vRqKEAVgy05q59CRvyw QfScF7R1g03H+aNUMG15jcTDhS1G2fklRlWYvhEnNaltCuYNfDByrm5t7HBF5oEf 8G9BUHy8ichfHqUQWQ8TtJT5LxnsOK6jl0J9CnrCM1xWHZMVnkJd7WZWW+n7SXmy djTIJiaJJOKUS34cOdbMHE49edbh28SjdCk0WYVb0sM8t/PjdLTv0AcSXQCjk0py QVG5jStry2tleSGuRJktz5+sRlbb9BFwSwExpJb0nLJN8yuVOqA8vFPupQkOvMR/ r+GKMlzOFiLkXwEhBYyOj8mvjIA5IQ== =edOA -----END PGP SIGNATURE----- --=-0LqQmJxOEZcTc3M3GUoh--