Bawolff (Brian Wolff) <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #2 from Bawolff (Brian Wolff) <> ---
(In reply to Subfader from comment #0)
> Is it actually legal to display anon IPs?

We do warn people. I have no idea why showing IP addresses would be illegal
unless we disallowed it in our privacy policy.

> It maybe didn't matter so much in IPv4 but def in IPv6 since these are no
> more dynamic (besides being very long and ugly).

People should register accounts if they want privacy. Changing this would be a
very fundamental change to how MediaWiki works, as well as how we handle
abusive edits. This is the sort of thing that should be proposed on mailing
list or in an RFC, not on bugzilla

> Privacy first! Actually the IP could be converted to an anonoymous but
> unique string, no?
> I'm not talking about "93.128.5.XXX" but "df76tj6A" or "93.df76tj6A".

I'm not sure, but I feel like you would have to be careful with such a system,
since the tokens would be very long lived to track abuse (Or would it? I don't
know), and (for IPv4) the space of all possible tokens is small. Thus you would
have leaking of the "real" address over time, which one wouldn't be able to do
much about once the corresponding IP is exposed. Have to make sure there is no
way to trick the system into converted an IP address to a token without
actually editing, since the IPv4 address space is small enough to be brute
forced. I would consider a poorly designed token system worse than just showing
IPs, since there is no expectation of IP privacy when its just shown and people
can act accordingly, which is much better then telling people its private if it
really isn't. Of course that's moot if a good token system could be come up
with, which could for all I know entirely be possible.

You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to