I am getting involved in networking some local BBS' and message bases.
I'm beta testing a privacy-oriented BBS right now that I just finished programming, called CryptoBBS and what better place to introduce/ask questions on it than among the cypherpunks! It is geared towards the hobbyist sysop with an old XT clone or something lying around as it is a mere 80K (for the floppy-sysops!) There is no logon prompt asking for name, birthdate, SSAN, and who knows what else, it goes directly onto the board. Callers wishing to post messages, are asked for an alias name to fill in the FROM: block, but real names or call-back verifiers are not supported. My hope is to offer sysop's a choice, between *choosing* to preserve privacy, rather than the current practice of obtaining personal information because the questionnaire's are preprogrammed that way. The unique feature about CryptoBBS is it's "Post Office." The P.O. allows callers to set up a p.o. box from which they can up/download any file (pgp encrypted files for instance) to any other user on the board without the sysop's approval/knowledge. It encourages and nurtures an anonymous "mail drop" community while protecting the caller's privacy. The question is, should I throw away the virtues of a lean 'n mean app at 80K by adding a dolphin or pgp to it that automatically encrypts the message base, uploaded messages, etc? Should we give the BBS caller a little credit and assume he knows to encrypt at his own machine before uploading the text? Or is the temptation to make everyone *lick and seal their message envelopes* too invasive? I know the issue of encouraging pgp use by making it as painless as possible on the end-user is nothing new around here, but as far as I know no one has ever discussed whether or not BBS's should handle the job for the caller.