> ----- Forwarded message from cypherpunk <[EMAIL PROTECTED]> -----
>
> From: cypherpunk <[EMAIL PROTECTED]>

> Subject: Re: Hello directly from Jimbo at Wikipedia

> As an occasional Tor and Wikipedia user, let me add a couple of points.
>
> First, in case it is not obvious, the problem with the present system
> is that Tor users can no longer edit on Wikipedia. I have done so in
> the past, in what I like to think is a constructive manner, but cannot
> do so since this summer. I have valid although perhaps unpopular
> contributions to make, and not only is my freedom to express myself
> limited, the quality of the material on Wikipedia suffers due to the
> absence of my perspective. The status quo is not acceptable and we
> should work to find a solution.

Leaving aside the qualitative discussion, let's remember that the freedom to
express onesself does not imply the obligation for any other party to listen.

> Looking at the proposals for authentication servers and such, I see a
> major issue which is not being addressed. That is, how does the web
> server distinguish "authenticated" Tor users from unathenticated ones?
> If this is via a complicated protocol, there is no point as the
> servers won't use it.

The problem at hand does not require "authenticated" Tor users.  It requires
authenticated Wikipedia users.

> This does not necessarily mean building complex authentication
> protocols into the Tor network, and having two classes of traffic
> flowing around. It could be that this authenticated Tor is a separate
> network. It only lets users in who are authenticated, and owns a
> specific set of IP addresses which servers can whitelist. The regular
> Tor exit nodes can be blacklisted as they are now.

Tor is transport layer.  Authentication for a specific service (such as
Wikipedia) is the responsibility of that service and belongs in the session
layer.

An authenticated network and an anonymizing network are mutually exclusive.

> What does Wikipedia need? What is the minimum level of service they
> require? Presumably, it is similar to what they can get via ISPs, who
> also map many users to a fixed set of IP addresses. Wikipedia can
> complain to the ISP, and it will get back in some form to that user.

No, Wikipedia needs to realize that the IP address correlation they enjoy
outside of Tor is a happy accident, and that they should stop treating IP
addressess as user credentials.  If they want credentials, they need to
implement them.
-- 
Roy M. Silvernail is [EMAIL PROTECTED], and you're not
"It's just this little chromium switch, here." - TFT
SpamAssassin->procmail->/dev/null->bliss
http://www.rant-central.com

Reply via email to