Eric Hughes suggests an alt.whistleblower with localized anonymizing. I like this, but I don't see how NNTP provides it. Wouldn't every server have to be modified or upgraded to support anonymizing?
In an already supported sense, yes. As I understand it, when a moderated group is created, an email address for the moderator is propagated with it. So every time a moderated group is created, every server already is "modified". But the anonymity does not take place in NNTP. The news server mails every posting to the moderator's address. The header filtering take place on that machine, unbeknowst to the original NNTP server. I hear that this mechanism didn't used to work reliably, but that it now basically does. Comments? In addition, the direct mail address should be advertised independently, so that those without easy access to Usenet news can still use the system.
[...] I think we will find that the people in charge of NNTP are looking for ways to increase authentication and validation mechanisms,
The way to forge a posting to alt.whistleblower would be to post with your real address in it! That's not exactly a positive feedback loop for the outlaw.
[...] a centralized moderator stripping addresses, [...] is problematic because it is a single location with all the traffic
Granted. Thus the need for a periodic posting stating exactly what the security level of the system is.
But I think the localized header-stripping is totally superior to all this.
Agreed. That's why you publish the newsgroup entry point. Then a more sophisticated whistleblower could use a remailer chain to get to the access point. Eric