On Mon, Dec 30, 2013 at 4:06 PM, Risker <risker...@gmail.com> wrote: > On 30 December 2013 18:59, Tyler Romeo <tylerro...@gmail.com> wrote: > > > On Mon, Dec 30, 2013 at 6:49 PM, Risker <risker...@gmail.com> wrote: > > > > > I disagree fundamentally with your position here. It's technically > > possible > > > for Tor editors to edit; all we have to do is unblock Tor nodes (or for > > > them to disable Tor), and they can edit. It is the social and > > policy-based > > > processes that prevent Tor users from using Tor to edit. I happen to > > agree > > > with those processes (having cleaned up major messes from unblocked Tor > > > nodes on enwiki), but it's not a technical problem, really. > > > > > > > I'm confused exactly what you are disagreeing with? The consensus > currently > > is that Tor users should not be able to edit raw. Thus the issue at hand > is > > that there is currently no technical solution for allowing Tor users to > > edit while still being able to block them. If you want to change the > > consensus and unblock Tor users from editing, then it is indeed a > > social/policy issue. > > > > > > > I have no desire to change the status quo. But the solution of being able > to isolate and block individual accounts through Tor would require a change > in Tor's software and principles, not MediaWiki's. One of its core > characteristics is to render accounts technically indistinguishable, and to > seek alternate routes when an account is prevented from editing/accessing. > > I think there may have been some progress on this since the last time it was brought up, since we now have OAuth in place. It might be a way to help bridge this gap.
I was talking with Tom Lowenthal, who is a tor developer. He was trying to convince Tilman and I that IP's were just a form of collateral that we implicitly hold for anonymous editors. If they edit badly, we take away the right of that IP to edit, so they have to expend some effort to get a new one. Tor makes that impossible for us, so one of his ideas is that we shift to some other form of collateral-- an email address, mobile phone number, etc. Tilman wasn't convinced, but I think I'm mostly there. We probably don't want to do that work in MediaWiki, but with OAuth, anyone can write an editing proxy that allows connections from Tor, ideally negotiates some kind of collateral (proof of work, bitcoin, whatever), and edits on behalf of the tor user. Individuals can still be held accountable (either blocked on wiki, or you can block them in your app), or if your app lets too many vandals in, we'll revoke your entire OAuth consumer key. So I'm not claiming to have solved this, but if other people want to experiment with ways to do this, I think they can do it without a change to the current blocking policy, or getting any code deployed on the WMF cluster. > Risker > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
