OpenWetWare:Software/Private Pages: Difference between revisions

There have been requests and questions about having content on OWW that is not public, not indexed by Google, not editable by everyone on OWW, etc. This page aims to discuss this policy.

There seem to be 2 major methods of implementation:

1. Groups + access control (rumors MediaWiki may be working on this).
2. Encryption. I have implemented an extension which does this. It's available here on the development site for anyone who wants to play around with it.

Discussion Questions:

1. Is it in OWW's "open" or "wiki" nature to have pages that are private in any form?
   • Sri Kosuri 17:15, 20 April 2006 (EDT): I think that this could be a useful excercize. I think one of the problems is that once people start using it, there is no turning back... we have to continue to support it.
2. What's the "right" way to do encryption?
   • Austin 16:38, 20 April 2006 (EDT): The current implementation allows users to put <encrypt> tags around any text they wish to encrypt. Keys are stored via users' preferences. Text is automatically encrypted/decrypted on views/edits if a proper key is found. File uploads (images) are not encrypted. This could be another issue.
     • Sri Kosuri 17:15, 20 April 2006 (EDT):Can you store multiple keys?
     • Austin 17:47, 20 April 2006 (EDT): Not right now, but definitely what I had been envisioning. Each user would have a list mapping page names to keys.
3. How would people likely use such features? Would the majority of their content be public or not?
   • Austin 16:38, 20 April 2006 (EDT): My belief is that anything to get people on to OWW is good even if some of the content is private.
   • Sri Kosuri 17:15, 20 April 2006 (EDT): I think if we use the encryption extension that Austin made, most of the content will remain open, if only it is much more cumbersome to close it. I am probably for this option.
4. Encryption vs. Access control
   • Encryption can provide greater comfort of security (even administrators may not be able to access page content)
   • Encryption doesn't technically provide more than what users can do currently (i.e. in theory, anyone can put any encrypted text on a page, it's just not particularly easy).
   • Encryption does not provide anything other than secrecy (i.e. cannot control someone else from messing up with your page, even if that someone else has no idea what they are messing with).

• --Johncumbers 22:15, 20 April 2006 (EDT) This looks good Austin. The main concern that people have at Brown, when I tell them about OWW is that somebody will edit their user page/protocol whilst they are not looking. So whilst I don't think that I'd use encryption like this that much at the moment(we have just set up a private wiki for the lab fly stocks/vectors/research) if the protect tab could be developed to prevent editing by other users then this would be most useful and also in the unlikely event would prevent encrypted pages being edited. I do see the point that once we go down this road there is no turning back however. It is a difficult situation.