From: Russ Allbery (rra@stanford.edu)
Date: Tue Jan 16 2001 - 13:10:43 CST
Brad Templeton <brad@templetons.com> writes:
> NNTP-posting-host is an ad-hoc header that was put in by some injector
> authors without consideration of the privacy issues.
Assumes facts not in evidence. I explicitly considered the privacy issues
and then turned it on. I could be convinced to turn it off again on my
servers, but I find it convenient, and I simply don't agree with you that
it's this huge of an issue.
Are you absolutely sure that Rich didn't consider privacy issues when he
added that code to INN, and that he didn't just disagree with you?
> When considering how to standardize such activities, it is exactly the
> right time to bring up the privacy consequences of the design.
Sure. I have no problems with that. But I do object to ignoring the fact
that NNTP-Posting-Host isn't some random little header that some small
number of servers use. It's not even Mail-Copies-To with a partial
existing installed base. It's added by damn near every news server
currently deployed. It's become part of the de facto protocol, and has
been part of the de facto protocol for longer than I've been running news
servers. A whole bunch of people have never used or maintained a Usenet
*without* NNTP-Posting-Host headers on most posts.
That doesn't mean it's a good idea. That does mean that it's not
something we can just ignore if we don't like it.
-- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>