From: Brad Templeton (brad@templetons.com)
Date: Tue Jan 16 2001 - 21:42:58 CST
On Tue, Jan 16, 2001 at 12:53:20PM -0800, Russ Allbery wrote:
> I'm not incredibly enamoured of encrypted tokens, no. I think it's neat
> for sites that know how to use it, but I also think that some of the same
> principles as Received headers apply here. A bunch of people run news
> without having any idea what they're doing, just like a bunch of people
> run mail servers without having any idea what they're doing. In both
> cases, having unencrypted trace headers as part of the generated messages
> helps immensely in pointing out to those people what's actually wrong and
> how to fix it and in taking other measures if necessary to stop spam and
> other types of abuse. Imagine how much pain we'd be in right now in
> trying to shut down open relays if all mail servers deposited Received
> trace information in local log files and replaced it with encoded tokens
> as a matter of course.
Yes, sometimes you have to put up with some pain in order to have civil
rights. That may sound trite to you, but it means a lot to some people.
I'm not saying use tokens because it's easier. Do it because it's right.
>
> > The code for
> > hash( IP + secret string of the day)
>
> > Is hardly rocket science.
>
> Nonetheless, you just completely lost 80% of the people who run news
> servers.
There is no need to have them involved. It is something software authors
would do. The time they would be lost would be when you call them up
to say, "I want to complain about postings from the user coded xxxxxxx."
If you are eager you can say, "I see you run Q News. Go to the web page
at yyyy to find out how you can map the string xxxxxx to the user's real
identity."
This is not trivial to do, but it's worth it.
The question is, do we need a design weighted entirely to the convenience
of the person tracking down the abuser or not?