How transparently can a web service be run? AGPL is a start. Publish almost all server configuration, logs, administrator actions. Perhaps logs which divulge personal information are published encrypted readable by two keys, the system administrator and the affected user. Allow users to query server configuration and status.
We don't want users or other outsiders to be able to affect each other with the information acquired through transparency.
Create tools making it easier to publish as much as possible about a running web service, but withholding exactly the information that could be used to hurt other users. Perhaps formal tools to help decide whether a complicated action should or should not be permitted.
No comments :
Post a Comment