Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Dev

[Result] Re: [Vote] Add commentary system to httpd docs

 

 

Apache dev RSS feed   Index | Next | Previous | View Threaded


rumble at cord

May 7, 2012, 7:02 AM

Post #1 of 4 (532 views)
Permalink
[Result] Re: [Vote] Add commentary system to httpd docs

With an impressive 8 x +1 binding votes and no -1's, as well as +2 from
other docs@ readers, I believe we can call this vote passed with flying
colors :).

We will begin rolling out the commentary system in the trunk docs
shortly, and then we'll see where the wind of the web takes us.

I suspect I'll be following up on this with some discussions on the more
specific details of how we should run this comment system later this
week, but for now, let's just enjoy it for a few days, and see how it
plays out.

The current questions we need to discuss can be found at
http://wiki.apache.org/httpd/DocsCommentSystem#Questions_for_further_discussion
so do give them a read-through and add a question or two if you have any.


With regards and humble thanks for your support,
Daniel

On 04-05-2012 15:58, Daniel Gruno wrote:
> I'll be a bad boy and top-post on this reply, as well as add dev@ to the
> list of recipients.
>
> In docs@, we have been discussing the possibility of adding comments to
> the various pages in our documentation. As the discussion has
> progressed, we have settled on the idea of trying out Disqus as a
> commentary system for the documentation, and I have authored a proposal
> on the practical implementation of this.
>
> As this is a rather large change to the documentation (if passed), Eric
> Covener advised me to notify both mailing lists as well as give a bit
> more information on how exactly this will work and why we felt it was a
> good idea to try out a commenting system. That information is located at
> http://wiki.apache.org/httpd/DocsCommentSystem
>
> We have, to give it a test spin, rolled out these proposed changed to
> the rewrite section of the trunk documentation,
> http://httpd.apache.org/docs/trunk/rewrite/ (do note that the
> mod_rewrite reference document is NOT a part of this test), and we'd
> very much like you to review these changes and let us know what you
> think of this solution. If everybody is happy about it, we can try to
> roll it out on a bit more pages, and see how it is received by the
> general population.
>
> So, I am calling a vote on whether or not to proceed with rolling out
> this test to a portion of our trunk documentation for further testing.
>
>
> [+/-1] Add commentary system to the trunk documentation.
>
> With regards,
> Daniel.
>


httpd-dev.2012 at velox

May 19, 2012, 12:32 AM

Post #2 of 4 (482 views)
Permalink
Re: [Result] Re: [Vote] Add commentary system to httpd docs [In reply to]

On 07.05.2012 16:02, Daniel Gruno wrote:
> With an impressive 8 x +1 binding votes and no -1's, as well as +2 from
> other docs@ readers, I believe we can call this vote passed with flying
> colors :).

Apologies for being late with this, but the specifics of the currently
used implementation (Disqus) only caught my attention after the Google
Analytics "trial" this week.

I very much appreciate the recent work on improving the docs and would
by no means want to dampen that enthusiasm. Adding a commentary system
also seems like a completely reasonable step to me (provided that the
comments are moderated before appearing on the site).

Looking at the call for votes [retained below for reference] and at the
votes, I'm not sure if the +1 voters were aware of the specific
"mechanics" of the Disqus comment system which is now embedded into all
HTML below http://httpd.apache.org/docs/trunk/ [1], however.

Effectively, using Disqus means that even visiting an "innocent" page
like http://httpd.apache.org/docs/trunk/license.html will already result
in all sorts of "drive-by" tracking requests [2], among them Google
Analytics (pulled in via httpd.disqus.com/thread.js).

Based on the fact that there's currently no privacy policy for
httpd.apache.org - which would make visitors aware of being tracked (and
link to both the Disqus privacy policy [3] and the GA privacy policy
[4]) - I believe that the vote should be repeated, with being recast to:

[+/-1] Add the Disqus commentary system to the trunk documentation.

As an interim measure, I also think it would be wise to revert the
changes applied in r1335029/r1335773, for the time being.

Kaspar


[1] http://svn.apache.org/viewvc?view=revision&revision=r1335029

[2] URI host names: httpd.disqus.com, www.google-analytics.com,
pixel.quantserve.com, b.scorecardresearch.com,
juggler.services.disqus.com, mediacdn.disqus.com

[3] http://docs.disqus.com/help/30/ (which states, inter alia: "This
Privacy Policy was first published and made effective on May 9,
2012" - which makes you wonder what they had in place before that
date...)

[4] http://www.google.com/policies/privacy/


> On 04-05-2012 15:58, Daniel Gruno wrote:
>> I'll be a bad boy and top-post on this reply, as well as add dev@ to the
>> list of recipients.
>>
>> In docs@, we have been discussing the possibility of adding comments to
>> the various pages in our documentation. As the discussion has
>> progressed, we have settled on the idea of trying out Disqus as a
>> commentary system for the documentation, and I have authored a proposal
>> on the practical implementation of this.
>>
>> As this is a rather large change to the documentation (if passed), Eric
>> Covener advised me to notify both mailing lists as well as give a bit
>> more information on how exactly this will work and why we felt it was a
>> good idea to try out a commenting system. That information is located at
>> http://wiki.apache.org/httpd/DocsCommentSystem
>>
>> We have, to give it a test spin, rolled out these proposed changed to
>> the rewrite section of the trunk documentation,
>> http://httpd.apache.org/docs/trunk/rewrite/ (do note that the
>> mod_rewrite reference document is NOT a part of this test), and we'd
>> very much like you to review these changes and let us know what you
>> think of this solution. If everybody is happy about it, we can try to
>> roll it out on a bit more pages, and see how it is received by the
>> general population.
>>
>> So, I am calling a vote on whether or not to proceed with rolling out
>> this test to a portion of our trunk documentation for further testing.
>>
>>
>> [+/-1] Add commentary system to the trunk documentation.
>>
>> With regards,
>> Daniel.
>>
>


rumble at cord

May 20, 2012, 5:47 AM

Post #3 of 4 (474 views)
Permalink
Re: [Result] Re: [Vote] Add commentary system to httpd docs [In reply to]

Sending to docs@ as well, as this applies to that list too.
Grumpiness may occur, so apologies in advance.

On 05/19/2012 09:32 AM, Kaspar Brand wrote:
> Looking at the call for votes [retained below for reference] and at the
> votes, I'm not sure if the +1 voters were aware of the specific
> "mechanics" of the Disqus comment system which is now embedded into all
> HTML below http://httpd.apache.org/docs/trunk/ [1], however.
The vote did refer to a proposal on the apache wiki that specifically
mentioned Disqus as the method of choice. If people were unaware of how
Disqus operates then, frankly and with respect, they should aim to work
with due diligence or ask questions before voting. It should be a well
known fact that using third party tools will eventually result in
visitor tracking occurring one way or another. If people would rather
see us use a comment system developed and housed by Apache, then I'm
sure we can figure something out, but it requires that people say so.
> Effectively, using Disqus means that even visiting an "innocent" page
> like http://httpd.apache.org/docs/trunk/license.html will already result
> in all sorts of "drive-by" tracking requests [2], among them Google
> Analytics (pulled in via httpd.disqus.com/thread.js).
>
> Based on the fact that there's currently no privacy policy for
> httpd.apache.org - which would make visitors aware of being tracked (and
> link to both the Disqus privacy policy [3] and the GA privacy policy
> [4]) - I believe that the vote should be repeated, with being recast to:
>
> [+/-1] Add the Disqus commentary system to the trunk documentation.
Meh, it makes me a sad panda that we have to discuss this once again,
but you may have a point here. I suppose it would be in the Apache
spirit to keep our intentions as open as possible, which merits a
privacy policy. I have already written up a draft for such a policy, and
included the GA and Disqus techs used in the proposed comment system and
analytics for the docs. It can be found at
http://wiki.apache.org/httpd/PrivacyPolicy . It is loosely based on the
policies that are in place for other Apache projects such as Lucene and
Directory (which also makes use of GA on their sites).

This will effectively make for two (or three) new votes for adopting
each piece:

- Adopt a privacy policy for the docs and refer to the various tracking
methods used as they get implemented - see the draft at
http://wiki.apache.org/httpd/PrivacyPolicy

- Implement the Disqus commentary system for the docs - see the proposal
at http://wiki.apache.org/httpd/DocsCommentSystem

- Implement visitor tracking for the docs so we can improve on them -
see proposal at http://wiki.apache.org/httpd/DocsAnalyticsProposal

I'll let this sink in for a few days, and then I will propose a vote for
each segment in the order displayed above. If any of you have comments,
suggestions, critique, anything, I urge you to please step forward and
say so. I dislike the illusion of consensus just because people can't be
bothered speaking up until something is actually committed to the
repository.
> As an interim measure, I also think it would be wise to revert the
> changes applied in r1335029/r1335773, for the time being.
We have already voted on adding _a_ commentary system to the
documentation, so I'm not going to revert all the blood, sweat and tears
that went into integrating a comment section in the docs, but what I can
and will is add a JavaScript hack to disable the Disqus commentary
system itself while we get this sorted out. Regardless of which method
of commenting we eventually settle on, it will still require the same
basic structure as is defined at the moment, so I see no point in
scrapping all of it, just to reinstate it again.

With regards,
Daniel.


httpd-dev.2012 at velox

May 20, 2012, 11:07 PM

Post #4 of 4 (470 views)
Permalink
Re: [Result] Re: [Vote] Add commentary system to httpd docs [In reply to]

On 20.05.2012 14:47, Daniel Gruno wrote:
> This will effectively make for two (or three) new votes for adopting
> each piece:
>
> - Adopt a privacy policy for the docs and refer to the various tracking
> methods used as they get implemented - see the draft at
> http://wiki.apache.org/httpd/PrivacyPolicy

Thanks for preparing this draft. As previously stated, I consider such a
policy a mandatory requirement before integrating any tool into
httpd.apache.org which systematically processes user data [1].

The section "Additional tracking by third parties" of the draft
currently says: "The Apache HTTP Server project makes use of additional
third party tools, such as the Disqus commentary system, which itself
may apply visitor tracking for internal purposes."

In the interest of an early declaration, let me say that I'm (rather
strongly) opposed to running the project's site in a way that requires
us to have such a generic disclaimer in the privacy policy, for several
reasons.

First, my expectation would be that an ASF project, and in particular
ours, is able to run the infrastructure of those features it considers
essential for its operations on its own. It's true that some other
projects are using Google Analytics, but this doesn't mean that others
should follow this practice, IMO.

Second, I see several technical issues when integrating third-party
tools which basically rely on JS code being injected into the HTML on
httpd.apache.org: "surreptitious" tracking is one of them, but it's also
problematic from a security point of view: by pulling in JS from remote
URLs we expose our visitors to the risk of running untrusted code in the
context of our site. (As an aside: having to turn off JS for
httpd.apache.org as a whole, as - rightfully - suggested in the draft
privacy policy for effectively turning off GA, would have the collateral
damage of disabling the newly-added syntax highlighting as well, which
seems quite unfortunate.)

Third, *iff* we really decide to do user tracking on httpd.apache.org,
it should at least be opt-in, not opt-out, in my view (i.e., we should
e.g. make sure to honor "DNT: 1" headers before pulling in JS tracking
code, and ensure that visitors agree to being tracked before we do so).

> - Implement the Disqus commentary system for the docs - see the proposal
> at http://wiki.apache.org/httpd/DocsCommentSystem

In the meantime I skimmed over its Terms Of Service [2], and it took me
only a short time to identify several elements which made me quite worried:

a) User Content: Disqus is granted a "a royalty-free, sublicensable,
transferable, perpetual, irrevocable, non-exclusive, worldwide license
to use, reproduce, modify, publish, list information regarding, edit,
translate, distribute, syndicate, publicly perform, publicly display,
and make derivative works of all such User Content" etc.

b) Changes to the service: "We may, without prior notice, change the
Service; stop providing the Service or features of the Service, to you
or to users generally; or create usage limits for the Service."

c) Advertisements: "You agree that Disqus may include advertisements
and/or content provided by Disqus and/or a third party (collectively
"Ads") as part of the implementation of the Service."

This just a small sample of rules I consider highly problematic, and to
be honest, they pretty much rule out the option of using Disqus on
httpd.apache.org, I think.

PHP's system, on the other hand, uses an approach [3] I'm completely
comfortable with: no dependencies on third-party sites, comments are
covered by a Creative Commons license, and do not rely on any remote JS
code or so.

> - Implement visitor tracking for the docs so we can improve on them -
> see proposal at http://wiki.apache.org/httpd/DocsAnalyticsProposal

I would highly prefer Piwik over the others (or more generally: a tool
we run ourselves, not a third-party service).

Kaspar

[1] see also
http://mail-archives.apache.org/mod_mbox/www-legal-discuss/200809.mbox/%3C48CF1C4A.1000904 [at] rowe-clan%3E
and other messages in that thread, e.g.

[2] http://docs.disqus.com/help/29/

[3] http://www.php.net/manual/add-note.php

Apache dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.