From fair@clock.org Wed Dec 17 23:17:14 2003 From: "Erik E. Fair" To: cypherpunks-legacy@lists.cpunks.org Subject: Re: Rethinking the utility of netnews "cancel" control messages Date: Wed, 17 Dec 2003 23:17:14 +0000 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6096175139348076856==" --===============6096175139348076856== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit At 9:50 10/5/95, Rich Salz wrote: >Cancel/Supercede is a useful model -- architecting them out of Usenet >is a very bad idea. Ask Clarinet. Is it? The principal effects of not having the mechanism is a slightly higher disk storage requirement for netnews - something completely unheard of in the annals of USENET. The downsides of having the mechanism (especially unauthenticated) we see now: official and unofficial squelching of articles that someone doesn't like for whatever arbitrary or situational reason. In the long run, which is the more detrimental effect? It isn't desireable for systems to be perfectly efficient, if they generate imperfect results; as I understand it, the ponderousness of our federal legislative system was designed in for precisely this reason: they were optimizing for long term correctness, instead of efficiency. Frankly, I think that if the question were posed correctly, I'm sure that Brad Templeton (President of Clarinet) would think carefully about answering it, since it has quite a few aspects. I'm just trying to stimulate a little more careful thought about this as a philosopical issue, before you go whack on INN again... Erik Fair --===============6096175139348076856==-- From wilcoxb@nagina.cs.colorado.edu Wed Dec 17 23:17:14 2003 From: Bryce To: cypherpunks-legacy@lists.cpunks.org Subject: Re: Rethinking the utility of netnews "cancel" control messages Date: Wed, 17 Dec 2003 23:17:14 +0000 Message-ID: <199510051942.NAA03482@nagina.cs.colorado.edu> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6098653308857262731==" --===============6098653308857262731== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- "Erik E. Fair" (Time Keeper) wrote: > At 9:50 10/5/95, Rich Salz wrote: > >Cancel/Supercede is a useful model -- architecting them out of Usenet > >is a very bad idea. Ask Clarinet. > > Is it? The principal effects of not having the mechanism is a slightly > higher disk storage requirement for netnews - something completely unheard > of in the annals of USENET. > > The downsides of having the mechanism (especially unauthenticated) we see > now: official and unofficial squelching of articles that someone doesn't > like for whatever arbitrary or situational reason. Look just replace "cancel" with "mark as worthless and sign". Then each reader may choose to "honor" the "cancel" or not. If you are reading clari.news.world then you completely "honor" cancels signed by ClariNet. If you are reading alt.religion.scientology, then you have your user agent specifically bring "cancelled" articles to your attention for reading. :-) (As an aside this serves for moderation as well. Just tell your user agent to honor messages marked as "cancelled, signed Bob The Moderator" and you have entered a moderated newsgroup. And the protocol that's gonna bring it to you? NoCeM and its relatives. Real Soon Now, I think.) Bryce signatures follow "To strive, to seek, to find and not to yield." bryce@colorado.edu -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0 iQCVAwUBMHQ0jfWZSllhfG25AQE5MgP8Chmh7dZkdGmNCGxuL3nrKZsxrv7P8RnK tJKPUQMEpNyH7Xd4Iu4p5P3HXg3HIxo/73ALewE75cN3Zg8tV2pw0pPovPuE416M uaTs6FhTgSjh6+v3H/rt/dNqVgMfPAqPqSST3OESH2P2i6C+IkLEr4eglJWkgYJ9 L3bXB6l6IPQ= =mw+K -----END PGP SIGNATURE----- --===============6098653308857262731==-- From bogstad@news.cs.jhu.edu Wed Dec 17 23:17:14 2003 From: bogstad@news.cs.jhu.edu To: cypherpunks-legacy@lists.cpunks.org Subject: Re: Rethinking the utility of netnews "cancel" control messages Date: Wed, 17 Dec 2003 23:17:14 +0000 Message-ID: <458sie$r41@blaze.cs.jhu.edu> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7033786108856571250==" --===============7033786108856571250== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit In article , Erik E. Fair wrote: >At 9:50 10/5/95, Rich Salz wrote: >>Cancel/Supercede is a useful model -- architecting them out of Usenet >>is a very bad idea. Ask Clarinet. > >Is it? The principal effects of not having the mechanism is a slightly >higher disk storage requirement for netnews - something completely unheard >of in the annals of USENET. > >The downsides of having the mechanism (especially unauthenticated) we see >now: official and unofficial squelching of articles that someone doesn't >like for whatever arbitrary or situational reason. There is another benefit to the current system which is being ignored. That is, it allows for the removal of unauthorized postings. Posting of copyrighted materials without authorization does occur and I think the current cancel mechanism (with its lack of authentication) is an important safety valve for dealing with irate copyright holders. I can't say that the disadvantages of the current spoofable cancel system don't outweigh this benefit, but I think that any system designed to replace it should include this capability. Someone asked the question if one was a librarian/archivist would/should they honor cancels. Under the circumstances I describe, I think they have to do so. Rather then eliminate cancels, I think a general authentication system for all USENET posts makes more sense. The news system itself doesn't need to authenticate general posts. That can be left up to the decision of the individual reader. In most case, I don't care as a news reader if the real 'Erik Fair' posted this message. It can stand on its own merits. In the case of cancels, as a news administrator I probably want to restrict them to the original poster and a small set of authorized agents. With new group and remove group messages, I probably want to only have a small set of agents for the 'big seven' hierarchies and perhaps others. I see no downside to standardizing on a mechanism for including authentication in news posts as long as we allow the user and site administrator to make the decision about whether to pay attention to the authenticity of a message. Those who want the current system will set up the authentication system to always say 'yes'. Those who want to eliminate cancels can setup the authentication module so it always says 'no'. I would setup my system somewhere in between these extremes. Bill Bogstad bogstad@cs.jhu.edu --===============7033786108856571250==-- From mhw@wittsend.com Wed Dec 17 23:17:14 2003 From: "Michael H. Warfield" To: cypherpunks-legacy@lists.cpunks.org Subject: Re: Rethinking the utility of netnews "cancel" control messages Date: Wed, 17 Dec 2003 23:17:14 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2665043097910802593==" --===============2665043097910802593== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Stuart Smith enscribed thusly: > > -----BEGIN PGP SIGNED MESSAGE----- > > In article you write: > >The downsides of having the mechanism (especially unauthenticated) we see > >now: official and unofficial squelching of articles that someone doesn't > >like for whatever arbitrary or situational reason. > > You miss an important point in the mechinism - individual sites *choose* > whether or not to pay any attention to cancels. Theoretically, they could > be configured to only listen to cancels from certain places etc etc. By all > means these should be authenticated, but it is vital to remember that this > is still (for now..) an anarchy. I don't have to honour anyones cancels, > and if I do, and you don't like it - you don't have to get a news feed from > me. (No doubt, you are going to get hammered heavily on this from multiple sides, but here is my shot anyways.) Actually you miss a very critical point. This choice is, in fact, a "Hobsens Choice", a choice that is no choice. If any site between you and the article source choses to honor that cancel, you never get the original article to begin with. All you get is the cancel message and your choice to honor it or not is totally meaningless. To be worth anything all of the intermediate nodes would have to chose to ignore cancel messages and then the leaf nodes would have the privledge of honoring or ignoring them. But it will be a VERY cold day in a VERY warm place before that ever happens, even if it did make sense (It doesn't). Yes yes, I know - article loss is contigent upon the cancel arriving there before you pick up the article from them, this effect would just serve to add a level of chaos and indetermanancy to the mechanism. Obviously (because of time elements involved in realization and forging of cancels) it is much more likely that you will receive originals for article where a forged cancel is received. That depends on the latency involving all of the news feeds between you and the article source and the latency involving the forger and his ability to recognize a message he wants to cancel and to get that cancel out. The human factor adds a lot here. Perhaps we should add a "time-limit" to cancel messages? This too would be highly indeterminant as propagation times stretched out. End result is that most sites currently do honor cancels, so many of the originals never reach a lot of the leaf nodes while all of us continue to be subjected to a FLOOD of cancel control messages. In terms of message count and article numbers (not total bytes of storage) my control group is the largest newsgroup group on my system! Regards, Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! --===============2665043097910802593==-- From stu@nemesis Wed Dec 17 23:17:14 2003 From: stu@nemesis To: cypherpunks-legacy@lists.cpunks.org Subject: Re: Rethinking the utility of netnews "cancel" control messages Date: Wed, 17 Dec 2003 23:17:14 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2353217852786747051==" --===============2353217852786747051== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- In article you write: >The downsides of having the mechanism (especially unauthenticated) we see >now: official and unofficial squelching of articles that someone doesn't >like for whatever arbitrary or situational reason. You miss an important point in the mechinism - individual sites *choose* whether or not to pay any attention to cancels. Theoretically, they could be configured to only listen to cancels from certain places etc etc. By all means these should be authenticated, but it is vital to remember that this is still (for now..) an anarchy. I don't have to honour anyones cancels, and if I do, and you don't like it - you don't have to get a news feed from me. - -- Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba E7 E3 90 7E 16 2E F3 45 * Stuart Smith * 28 24 2E C6 03 02 37 5C * http://www.wimsey.com/~ssmith/ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMHj8pqi5iP4JtEWBAQHI+QP/dy3e6AfQ4OjRLjM723i8ZBCGSJdN7N8i Iw6E+UwhkZxt5aEq6KQHr72TkGbz6wgUMOCFsdK0cJjpt3ubgi1RYjDiQPeYswkp zK6/hnUnbpKAUE7h2BWLO+VYyoxxySCydigUthxWrG3p25eDJTYVhAw5gKsLrOJp k/HDHNQ2IG8= =ZBAz -----END PGP SIGNATURE----- --===============2353217852786747051==--