Re: ietf-nntp Clients should be able to set the Path

[Evan Champion <evanc@synapse.net>]

On Thu, 19 Dec 1996, Rich Salz wrote:

> An earlier message gave a real-world example where someone needed to set
> the Path to avoid hassles, or possible legal problems.  You might think
> it stupid but that doesn't matter -- it's a real-world case.

If the reason someone is forging Path headers is because of legal 
problems, I would say the following (which I said to you in private, but 
I'll repeat it again for everyone else):

1.  If you are legally restricted from posting to a particular site, I
would argue that probably the rest of the net doesn't want to see your
posts either, so forging the path is allowing unscrupulous organizations
to get by the spirit of rulings by only stopping them from annoying a site
that happened to have enough money to sue, rather than leaving all of us
alone.

2.  If you are legally restricted from posting to a particular site, and
your posts are not of an annoying nature (choose any Usenet offense here),
I would wonder why you were so restricted in the first place, and not
being able to forge the path would make such a ruling unenforcable and
would likely have it thrown out, a Good Thing(tm).

> I can imagine other cases that might arise such as "I do not want this
> article to enter the official Usenet gateway for Singapore or China."
> (Both countries have such official gateways, or will soon.)  Now, you can
> argue that this should be China's issue, not the readers.  But you'd be
> wrong, pragmatically.  Ever been a dissident?  I haven't, but I've heard
> some speak.  Is this a likely scenario?  I don't know.  Is it possible?
> Most definitely.

So set up your own news server or get local access to one and forge
anything you want.  And in this case you'd probably want to involve
anonymous remailers etc. 

> I can imagine another case where I use my ISP account and put "!osf.org"
> in the path because it could adversely affect my standing at work. Sure,
> others could mail the article, but at least I have plausible deniability
> in those cases.  Again, possible.

So what are you saying to the rest of us that is so awful that you'd get 
in trouble at work? :-)

I have a general rule with these sort of things.  If I'm concerned about 
someone finding out what I said, maybe I shouldn't be saying it, and 
especially not in an international forum overwhich I have no control.  
And if I decide that it has to be said, someone is going to find out 
anyway, and I should prepare to face the consequences.
 
> Now, in order to catch spammers, many people on this list are willing to
> "make impossible" all of the above.  I believe, quite strongly, that they
> are wrong.  I see no reason to define a protocol that sacrifices much in
> the name of fictitious perfect accountability.  (As long as ISP's give
> out free disks, you will never get there.)  I consider the people who argue
> against my position to be in the same league as those who support the
> US policies on cryptography.

I don't see the relationship.  In fact, I suspect if people would encrypt 
their postings then no one would care where they ended up and wouldn't 
bother forging the path.

Evan
--
Evan Champion            * Director, Network Operations
mailto:evanc@synapse.net * Directeur, Exploitation du reseau
http://www.synapse.net/  * Synapse Internet