In article <v02110105ac99c03922dd@[204.179.132.4]>, Erik E. Fair <fair@clock.org> wrote:
At 9:50 10/5/95, Rich Salz wrote:
Cancel/Supercede is a useful model -- architecting them out of Usenet is a very bad idea. Ask Clarinet.
Is it? The principal effects of not having the mechanism is a slightly higher disk storage requirement for netnews - something completely unheard of in the annals of USENET.
The downsides of having the mechanism (especially unauthenticated) we see now: official and unofficial squelching of articles that someone doesn't like for whatever arbitrary or situational reason.
There is another benefit to the current system which is being ignored. That is, it allows for the removal of unauthorized postings. Posting of copyrighted materials without authorization does occur and I think the current cancel mechanism (with its lack of authentication) is an important safety valve for dealing with irate copyright holders. I can't say that the disadvantages of the current spoofable cancel system don't outweigh this benefit, but I think that any system designed to replace it should include this capability. Someone asked the question if one was a librarian/archivist would/should they honor cancels. Under the circumstances I describe, I think they have to do so. Rather then eliminate cancels, I think a general authentication system for all USENET posts makes more sense. The news system itself doesn't need to authenticate general posts. That can be left up to the decision of the individual reader. In most case, I don't care as a news reader if the real 'Erik Fair' posted this message. It can stand on its own merits. In the case of cancels, as a news administrator I probably want to restrict them to the original poster and a small set of authorized agents. With new group and remove group messages, I probably want to only have a small set of agents for the 'big seven' hierarchies and perhaps others. I see no downside to standardizing on a mechanism for including authentication in news posts as long as we allow the user and site administrator to make the decision about whether to pay attention to the authenticity of a message. Those who want the current system will set up the authentication system to always say 'yes'. Those who want to eliminate cancels can setup the authentication module so it always says 'no'. I would setup my system somewhere in between these extremes. Bill Bogstad bogstad@cs.jhu.edu