On Sun, 15 Nov 1998, Roeland M.J. Meyer wrote:
> Over the years UseNet has devolved from anarchy into chaos. IMHO, it can not evolve back.

Death of Usenet predicted. Film at 11.

I don't see things this way at all. There's one piece missing from Usenet: accountability. While Karl's proposal addresses this (with binaries only, unfortunately), it goes too far, and damages the right to privacy that people expect, as well as presents far too many opportunities for leakage to those who didn't ask for his cancels.

(Karl, while you might think that cancels are only advisory, they're not for most people; many news admins simply set up INN out of the box, with cancels enabled, and never change the defaults. This means that when your cancels leak, and they will, administrators have to opt-out. Saying this is the fault of their peers is merely petty buck-passing; it's the fault of -YOUR- peers.)

This is why I don't support Karl's proposal. Not because it is a fundamentally bad idea or because I have a problem with him personally (the latter of which has been seen far too much), but because it fails to address the basic need for personal privacy in a public forum, and because it fails to operate as a strictly opt-out mechanism. Address that, while still making it possible for law enforcement (with proper authorization) to perform an investigation, and you'll have me aboard in a heartbeat.

Aside from the lack of authentication, as a medium, Usenet is alive and well. The big 8 are managed in a clear, coherent manner (by a well-defined voting procedure and authenticated mechanism for creation and retirement of groups). What you seem to have a problem with is "alt", and other hierarchies without any kind of growth control.

But, so as to avoid the "ok, what's your better idea, then" posts, here's my suggestion. Instead of Karl's system, which places the burden of signing on the customer, and eliminates their posting privacy, why not a system like this:

- The system signs the message going out, not the individual. Thus, we know where the message came from (unlike with path headers, which can be forged), and it's much easier to get buy-in from server administrators than it is from the end-user. Especially when a system like this starts reaching critical mass; for a legitimate business providing Usenet service, buy-in is a no-brainer.

- Require DH/DSS keys instead of RSA, so that admins can use something like GPG instead of PGP so they aren't saddled with the cost of a server license on PGP, taking some burden off of the administrator, and making sure that the central authority doesn't ever get nailed with needing to purchase the server licence. All modern versions of PGP support DH/DSS, so this restriction isn't a problem.

- Sign every local post, not just binaries. Why should we treat one post differently than others? Just as a binary post could be child porn, a text post could be slander or a copyright infringement.

- Issue batches of NoCeMs instead of cancels (using DH/DSS keys instead of RSA). This:

  - gives us a verification mechanism that the sender of the message really is the central signature-checking authority, and not someone trying to be annoying.

  - makes it possible to process them more efficiently (in batches as opposed to individually)

  - ensures that the system really is opt-in, instead of abusing the fact that many administrators leave cancels enabled by default, and making it a pseudo opt-out system.

  - allows the average person to take part in this, even if their news administrator doesn't, by using NoCeM for what it was originally designed for (as a personal filter).

With this, law enforcement knows where the message came from. Now, it's up to the Usenet source to maintain some means of correlating a post to a physical human being (ala NNTP authentication, or NNTP-Posting-Host with a timestamp and login record). Any Usenet source with an abuse department needs this infrastructure in place anyway. If you don't maintain this correlating data, guess who's liable for the content posted?

I see this as a much better solution; it preserves the customer's privacy, keeps the legal liability where it belongs (the originating system, and the poster), and takes the burden off of the end user. To them, this is completely invisible.

Comments welcome. Feel free to forward this to more appropriate forums if you like the idea, and think others might.

--
Edward S. Marshall <emarshal@logic.net>   /> Who would have thought that we -o)
http://www.logic.net/~emarshal/          // would be freed from the Gates of /\\
Linux Weenie, Open-Source Advocate      </ hell by a penguin named "Tux"?   _\_v