[704] in North American Network Operators' Group
Re: Motion for a new POST NSF AUP
daemon@ATHENA.MIT.EDU (Bill Woodcock)
Mon Oct 16 12:53:42 1995
Date: Mon, 16 Oct 95 09:49:53 PDT
From: woody@zocalo.net (Bill Woodcock)
To: bass@dune.silkroad.com, com-priv@lists.psi.com, nanog@merit.edu
I support the notion of a non-binding AUP, on the grounds that it
wouldn't be _that_ much work to do, but would give us (Internet
denizens) something to point to when our respective governments give
us the "clean up your act before we do it for you" number again.
I don't expect such a non-binding AUP to have any short-term or
dramatic effect on end-user behaviour, however.
Thus, I also support the idea of PGP/listserv and PGP/news-server
integration. At present, I can allow or disallow posting on our news
servers by IP address or range, and by FQDN or domain name. I think
it might be useful to allow PGP-authenticated validated users to post
from any location or host. The creation of a user-list based
permissions scheme would also clear the way for automatic invalidation
of individual users who post to too many newsgroups within too short a
period of time, a la deactivating user accounts after too many
successive failed logins. I disagree with the proposition that this
would place too great a burden on servers... authentication need be
done only at the time the posting is introduced into the Usenet system
or onto the listserv... If someone wants to go to the trouble of
spoofing a whole listserv, perhaps that should be recognized as a
whole we don't feel like dealing with in an initial implementation...
News servers obviously support a limited number of inter-server
connections, which could be easily validated themselves, so they're a
more easily closed system.
-Bill Woodcock
________________________________________________________________________________
bill woodcock woody@zocalo.net woody@applelink.apple.com user@host.domain.com
