I support the notion of a non-binding AUP, on the grounds that it wouldn't be _that_ much work to do, but would give us (Internet denizens) something to point to when our respective governments give us the "clean up your act before we do it for you" number again. I don't expect such a non-binding AUP to have any short-term or dramatic effect on end-user behaviour, however. Thus, I also support the idea of PGP/listserv and PGP/news-server integration. At present, I can allow or disallow posting on our news servers by IP address or range, and by FQDN or domain name. I think it might be useful to allow PGP-authenticated validated users to post from any location or host. The creation of a user-list based permissions scheme would also clear the way for automatic invalidation of individual users who post to too many newsgroups within too short a period of time, a la deactivating user accounts after too many successive failed logins. I disagree with the proposition that this would place too great a burden on servers... authentication need be done only at the time the posting is introduced into the Usenet system or onto the listserv... If someone wants to go to the trouble of spoofing a whole listserv, perhaps that should be recognized as a whole we don't feel like dealing with in an initial implementation... News servers obviously support a limited number of inter-server connections, which could be easily validated themselves, so they're a more easily closed system. -Bill Woodcock ________________________________________________________________________________ bill woodcock woody@zocalo.net woody@applelink.apple.com user@host.domain.com