diff -r 04190261ad54 -r 8d0d0afb75f3 text/ssm.en.xml
--- a/text/ssm.en.xml Thu Sep 26 00:37:37 2019 +0200
+++ b/text/ssm.en.xml Thu Sep 26 16:27:05 2019 +0200
@@ -220,7 +220,7 @@
f3afbaf2-0933-43d2-aed0-8dc568b9429f
-
a96206c9-3e69-483d-b575-6bab9dec4a30
- correctness, safety and readability is prefered to performance
+ correctness, safety and readability is preferred to performance
-
d8eba0dd-4305-44b9-80ea-4c38b6dfa633
@@ -445,103 +445,51 @@
- Communication channels
+ Communication with users and developers
a931dcbb-8043-4e21-838f-8e8122bb8af3
-
fff90688-907e-48eb-a48a-2ae6d6b42f0a
- use RSS/Atom or other machine readable format for:
-
-
- ce9ffd67-627b-4067-ae34-f56ffbcac972
- security announcements
-
- -
- f4c0b757-1fee-4d6d-8b30-808b4787fb5e
- new version announcements
-
- -
- b17dbc84-4119-4706-acd8-61421a384246
- infrastructure outage announcements
-
- -
- f3063520-5e7a-4aa0-95f6-505775556120
- blog, documentation, how-tos etc.
-
- -
- e2434bd6-c838-479a-a636-f277003ebe7c
- AFK events (conferences, meetings, hackatons etc.), for calendar data iCal format is strongly recommended
-
+ Following information should be provided in RSS/Atom or other machine readable format:
+ announcements (security, new versions, infrastructure outage),
+ blog posts, tutorials
+ and AFK events (e.g. conferences, meetings or hackatons).
+ for calendar data iCal format is strongly recommended
-
e8b18e02-d7b2-4584-8eee-dbaf823f6800
- mailing list
-
- -
- a35328fe-a177-4d6a-a3d2-2cc8fa0cb6f7
- e-mail/SMTP
-
-
- f40e9a23-b2ca-4052-949e-f4358844f5a2
- use TLS
-
- -
- bc444281-5c76-43a9-b5ef-46306cbb2bf9
- use DKIM/ADSP
-
- -
- a2852409-806f-480c-8700-141ace86f322
- use signed and encrypted messages (GnuPG or X.509)
-
- -
- da2b84bd-a20d-4e76-af14-740a7c9ccfb3
- avoid spam and viruses, do not spam the users, do not push them to subscribe your „newsletter“ – always offer also anonymous channel like RSS/Atom
-
-
- -
- ec4c92b6-83e5-4051-9aef-fa7d02e292b8
- Jabber MUC or IRC
-
- -
- f50d17bd-701f-45f9-aae4-86bfcf34cd7c
- discussion forum
+ A mailing list (e-mail conference) or other equivalently open and decentralized technology should be used for the many-to-many communication.
+ Having an „old school“ mailing list is not mandatory – it might be e.g. a P2P distributed technology or some self-hosted forum.
-
e746eb5b-8d8b-4ec8-9315-a311f35e156a
- do not push users to register at a proprietary social networks resp. at particular company like Facebook – users without such account must not be discriminated – use open and decentralized networks/protocols instead
-
- -
- a1a3c037-37e3-4283-abab-e275f7d17442
- Q&A tool + FAQ
+ Users must not be pushed to register at a proprietary social networks resp. at particular providers of such services.
+ Users without such account must not be disadvantaged – use open and decentralized networks/protocols instead.
-
ff537045-819e-4dec-a020-d2c9f2c3292b
- there should be a second-level internet domain for the project or its team
-
- -
- b54d4978-974b-4743-bdba-7d4957bc9ba7
- but do not buy an internet domain if you are not prepared to mainain it for decades – rather use third level domain under some reliable second level domain maintained by a credible group or person – think of that every expired domain helps spammers and scammers and hurts the users
+ There should be a second-level internet domain for the project or its team.
+ But do not buy an internet domain if you are not prepared to mainain it for decades – rather use third level domain under some reliable second level domain maintained by a credible group or person – think of that every expired domain helps spammers and scammers and hurts the users.
-
a1141312-5177-4d68-bb14-fce952d542c3
- URLs should be as stable as possible (do not break old links, set up redirections if needed)
+ URLs should be as stable as possible – accessible in next decade.
+ Do not break old links, set up redirections if needed.
-
c5b6d3d7-2f1f-4371-acfa-d6af1588c2cb
- the website must be independent and must contain everything needed – any content (JavaScripts, CSS, fonts, images etc.) downloaded from other domains must not be required to browse/use the website
+ The website must be independent and must contain everything needed – any content (JavaScripts, CSS, fonts, images etc.) downloaded from other domains must not be required to browse/use the website.
+ Embedded content from the third-party servers causes leaks of sensitive data (tracking of the users) and also denies decentralized nature of the internet.
-
- c1d9052d-dfe5-4fce-a82c-d618dc4689fa
- authors should publish their public keys (GnuPG/OpenPGP or X.509)
+ d5fbcc9e-a12c-44ce-909b-f514a579ab7e
+ JavaScript or other code executed on client computers must be also free software with properly declared license.
+ see https://www.gnu.org/software/librejs/
-
c89e8699-574c-4b28-9f65-6284d6051f68
- crpyptographically secured e-mail address or web form for receiving security vulnerabilities report
-
- -
- b6cf8d5f-0fc9-46f7-8e38-8342a1229037
- every security incident must be clearly documented and investigated – do not obscure it
-
- -
- e41134a4-715c-4926-a7df-01ff3759eda1
- There should be public directory of extensions/scripts.
+ There must be a crpyptographically secured (GnuPG/OpenPGP or X.509) e-mail address or a secure web form for receiving security vulnerabilities reports.
+ Particular authors should publish their public keys.
+ Every security incident must be clearly documented and investigated – do not obscure it.
-
fed07648-106a-4b7c-9026-509c82109448