Moderation issues (was: Decision: Let's get draft-allbery-usefor-usepro-00 right and publish it as draft-ietf-usefor-usepro-07)
Russ Allbery <rra@stanford.edu> Sat, 30 December 2006 17:47 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H0iIj-0007nA-Kz for usefor-archive@lists.ietf.org; Sat, 30 Dec 2006 12:47:21 -0500
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H0iIh-0004SM-Um for usefor-archive@lists.ietf.org; Sat, 30 Dec 2006 12:47:21 -0500
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id kBUHiwL7055673; Sat, 30 Dec 2006 10:44:58 -0700 (MST) (envelope-from owner-ietf-usefor@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id kBUHiwQG055672; Sat, 30 Dec 2006 10:44:58 -0700 (MST) (envelope-from owner-ietf-usefor@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-usefor@mail.imc.org using -f
Received: from smtp2.stanford.edu (smtp2.Stanford.EDU [171.67.20.25]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id kBUHitCi055665 for <ietf-usefor@imc.org>; Sat, 30 Dec 2006 10:44:57 -0700 (MST) (envelope-from rra@stanford.edu)
Received: from smtp2.stanford.edu (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id F17B24C39B for <ietf-usefor@imc.org>; Sat, 30 Dec 2006 09:44:54 -0800 (PST)
Received: from windlord.stanford.edu (windlord.Stanford.EDU [171.64.19.147]) by smtp2.stanford.edu (Postfix) with ESMTP id 9FA764BFF5 for <ietf-usefor@imc.org>; Sat, 30 Dec 2006 09:44:54 -0800 (PST)
Received: by windlord.stanford.edu (Postfix, from userid 1000) id 9AB11E7CFB; Sat, 30 Dec 2006 09:44:54 -0800 (PST)
From: Russ Allbery <rra@stanford.edu>
To: ietf-usefor@imc.org
Subject: Moderation issues (was: Decision: Let's get draft-allbery-usefor-usepro-00 right and publish it as draft-ietf-usefor-usepro-07)
In-Reply-To: <459691F0.7624@xyzzy.claranet.de> (Frank Ellermann's message of "Sat, 30 Dec 2006 17:21:04 +0100")
Organization: The Eyrie
References: <458263F0.2040903@alvestrand.no> <JAHJHI.F39@clerew.man.ac.uk> <4587C201.9070909@alvestrand.no> <45887ADA.95B@xyzzy.claranet.de> <878xh38l9j.fsf@windlord.stanford.edu> <45899A0C.2BEC@xyzzy.claranet.de> <87y7oqimka.fsf@windlord.stanford.edu> <459691F0.7624@xyzzy.claranet.de>
Date: Sat, 30 Dec 2006 09:44:54 -0800
Message-ID: <87irft2s89.fsf_-_@windlord.stanford.edu>
User-Agent: Gnus/5.110006 (No Gnus v0.6) XEmacs/21.4.19 (linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-usefor@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-usefor/mail-archive/>
List-Unsubscribe: <mailto:ietf-usefor-request@imc.org?body=unsubscribe>
List-ID: <ietf-usefor.imc.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d16ce744298aacf98517bc7c108bd198
Frank Ellermann <nobody@xyzzy.claranet.de> writes: > Russ Allbery wrote: >> How? Could you provide some specific examples of what interoperability >> problems you believe could result? > The first moderator could note approved Message-IDs and cancel anything > else appearing in his group. I suppose. It would be rather pointless to do so at this point, given how few people support cancels, and those I know of who are doing this use PGPMoose instead (thus turning this into the digital signature case). This is a case of cross-posting between moderated groups, which I agree is kind of iffy already. In practice, one pretty much always works this out via special agreement between the moderators. We have a system described in our document that sort of works, but it still requires prior arrangement between the moderators to devise a way of noting that the message was already approved. Said prior arrangement could deal with issues such as this as well. This area is not going to get any better until there's a strong authentication system for moderator approvals. Until then, anything we write about the mechanics of this is written on quicksand; in practice, there are a bunch of ad hoc conventions that are not suitable for standardization. Again, I'll warn that trying to explore this area is going to go way off into the weeds for this working group. Do you want the moderator to retain the message ID if they've made substantial changes to the post? What if the moderator decides to remove the newsgroup to which the post was previously approved? There's nothing preventing them from doing that, and there are some moderated newsgroups where the moderation policy permits that (as much as I think it's a horrible idea for social reasons). What if the two moderators decide to multipost the message instead of crosspost it? Documenting how moderation is done on Netnews and getting consensus around recommendations is a document of its own and probably at least a year of work for an active IETF working group. It took longer than that the last time, and it's only gotten more complicated. >> cancels of a message in a moderated group have to be approved by the >> moderator anyway, > s/anyway/ideally/. Cancels can be approved by the author as well, they > don't need to be moderated. Hm. Well, I suppose that's a USEAGE question. I'd consider it questionable to self-approve *any* message to a moderated newsgroup, including a cancel, but I can see the argument the other way. It depends on how one views the nature of a moderated newsgroup. Certainly, on a server that enforces PGPMoose authentication, such a cancel would be ignored, but then cancels are generally ignored anyway. (In practice, I'd just explain to the poster of the cancel that no one honors cancels any more anyway and they're just creating controversy for themselves without accomplishing anything useful.) > Some cases I have in mind: > 1 - author submits article, moderator approves it, author decides to > withdraw his contribution. The author can send a cancel to the > moderator (for approval by the moderator), additionally (s)he can > send a self-approved (author's address) cancel. For cancels the > most important issue is speed. True, to what degree they're useful. It's really not feasible to withdraw a message once it's been posted, but ignoring that, I do see your point. > 2 - impostor submits article, moderator approves it, alleged author > cancels the fake. Somebody abused the From:-address and/or > Message-ID, therefore cancel it. Better, here, to notify the moderator since you also want to prevent the imposter from doing it again (and that's more important than chasing the first message with a cancel). >> It *has* to be. My moderated groups get hundreds of messages a day for >> which drop is the *only* valid implementation of reject. Those >> messages are spam with either no contact information at all or forged >> contact information. Any attempt on my part to do anything but drop >> those messages would leave me sending unsolicited e-mail or other >> communication to someone whose only involvement with the original >> message was to have their contact information forged by a spammer. > That procedure has to be outlined in the standard. Apart from simply disagreeing in general, I don't believe this is feasible for a standards-track protocol specification. > You can't just drop legit submissions without informing the author. Of course I can. It happens all the time and has for as long as there have been moderated newsgroups. You don't *want* moderators to drop legit submissions without informing the author, but that's a different statement. I understand why you want this, and in *most* cases I would agree. However, in practice, one simply cannot do this reliably without missing some legitimate submissions unless one is spamming addresses forged by spammers, since no spam detection method (including the human eye) is 100% reliable. > It has to be clear what the Return-Path is (= an address at the original > server), and that you'd use the From (or Reply-To) for a "normal" > reject. The envelope sender (assuming that's what you mean by Return-Path) is precisely as reliable as the From header, namely not at all. Spammers are not that stupid and forging the envelope sender is trivial. >> I would be very happy to see a document that describes those judgement >> calls, and indeed such a document was already written, as an I-D, a >> little over ten years ago. You can find it on the web as "NetNews >> Moderator's Handbook." > http://www.eff.org/Net_culture/Net_info/Technical/usenet_moderator_handbook.draft > Ten years might be a bit old for issues related to spam. It certainly is. It's too old for all sorts of things, although that document addresses many of the other judgement calls that moderators deal with, but it would desperately need an update. >> If we try to get into that material in the protocol specification, >> we're going to end up wandering *way* off into the weeds. > You could write "the procedure to do X or decide Y is not specified > here", but we need an overall model of what a moderated newsgroup is. I believe my current draft provides an accurate overall model of what a moderated newsgroup is at the Netnews protocol level, namely moderators *can* do anything they wish, but best practice says to make minimum modifications to approved posts. However, I come to this with a fairly intensive knowledge of how moderation works. Do you have a specific wording change in mind that would make the model better for people who don't have that background, based on what we've discussed? > So far I thought it's an NG where "something" can decide to reject or > accept submitted articles. Apparently your model includes content > modification and silently dropping articles. That's very different. Then this discussion has already served an educational purpose. That's a very good thing! I think that many people who have not moderated a newsgroup don't understand how Netnews moderation works at all, or don't understand the huge variety of actions different moderators in different groups take with posts. -- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
- Decision: Let's get draft-allbery-usefor-usepro-0… Harald Alvestrand
- Re: Decision: Let's get draft-allbery-usefor-usep… Charles Lindsey
- Re: Decision: Let's get draft-allbery-usefor-usep… Alexey Melnikov
- Re: Decision: Let's get draft-allbery-usefor-usep… Harald Alvestrand
- Re: Decision: Let's get draft-allbery-usefor-usep… Charles Lindsey
- Re: Decision: Let's get draft-allbery-usefor-usep… Frank Ellermann
- Re: Decision: Let's get draft-allbery-usefor-usep… Russ Allbery
- Re: Decision: Let's get draft-allbery-usefor-usep… Harald Alvestrand
- Re: Decision: Let's get draft-allbery-usefor-usep… Frank Ellermann
- Re: Decision: Let's get draft-allbery-usefor-usep… Frank Ellermann
- Re: Decision: Let's get draft-allbery-usefor-usep… Russ Allbery
- Re: Decision: Let's get draft-allbery-usefor-usep… Russ Allbery
- Re: Decision: Let's get draft-allbery-usefor-usep… Frank Ellermann
- Moderation issues (was: Decision: Let's get draft… Russ Allbery
- Re: Moderation issues Frank Ellermann
- Re: Moderation issues Russ Allbery
- Re: Decision: Let's get draft-allbery-usefor-usep… Charles Lindsey