I began using Usenet in about 1994. It was a remarkable forum -
possessing the property of being both public and yet private, as at that
time no one was archiving posts.
I would like to recreate that property of being public and yet private,
which is exactly to say that posts can be read by and only by a given
group of readers. The news-servers cannot read posts, nor can anyone
outside of that group of readers - so no archiving by Google, or anyone
else.
The mechanism for this then centers on the use of private-public key
pairs, and the introduction of a new type of moderation.
I propose then a second form of moderation, which is and is only
moderation of what is in effect membership of a group - members are able
to read and post, non-members cannot read or post.
It is possible to encrypt messages using more than one public key.
When a member posts, the post is encrypted by the NNTP client with the
public keys of every existing member, and then posted.
The news-servers cannot decrypt posts, non-members cannot decrypt posts;
both can see and only see the encrypted text.
As such, when a post is made, only the current group of subscribers can decrypt the post.
When a new member subscribes, they will be able to read posts only from
the moment of their subscription onwards; they will not have access to historical posts. A posting could be made into a group to alert all users
of a new subscriber, to allow for care in posting until that subscriber is trusted by the community.
Killfiles also develop new powers, as a news client can *not* encrypt a
post with the public key of members in the posters killfile. Killfiles
then would stop not only seeing the posts of those in the killfile, but
would also prevent those in the killfile from reading the posters posts.
Gentlebeings,
I would like to describe an enhancement to the NNTP protocol, with a view
to peer review.
# Rationale
I began using Usenet in about 1994. It was a remarkable forum -
possessing the property of being both public and yet private, as at that
time no one was archiving posts.
I may be wrong, but I think the property of being public and yet private nature of Usenet was special and of particular value.
I would like to recreate that property of being public and yet private,
which is exactly to say that posts can be read by and only by a given
group of readers. The news-servers cannot read posts, nor can anyone
outside of that group of readers - so no archiving by Google, or anyone
else.
# Design
The mechanism for this then centers on the use of private-public key
pairs, and the introduction of a new type of moderation.
Moderation exists already in Usenet, and it is at the level of posts being made to a group. Anyone can read any post in any group, but only those
posts approved by moderators can be posted.
I propose then a second form of moderation, which is and is only
moderation of what is in effect membership of a group - members are able
to read and post, non-members cannot read or post.
We begin with an empty newsgroup, with a moderator of the new type.
For a user to subscribe, they create a private-public key pair and provide the *public* key to the moderator.
If their application is approved by the moderator, the public key is then distributed to all current members of the group.
All members hold then the public key of all other members.
It is possible to encrypt messages using more than one public key.
When a member posts, the post is encrypted by the NNTP client with the
public keys of every existing member, and then posted.
As such, the and the only people who can read that post are the existing members; they can all decrypt the message using their own private key,
which is secret to them.
The news-servers cannot decrypt posts, non-members cannot decrypt posts;
both can see and only see the encrypted text.
As such, when a post is made, only the current group of subscribers can decrypt the post.
When a new member subscribes, they will be able to read posts only from
the moment of their subscription onwards; they will not have access to historical posts. A posting could be made into a group to alert all users
of a new subscriber, to allow for care in posting until that subscriber is trusted by the community.
Killfiles also develop new powers, as a news client can *not* encrypt a
post with the public key of members in the posters killfile. Killfiles
then would stop not only seeing the posts of those in the killfile, but
would also prevent those in the killfile from reading the posters posts.
I may be wrong, but I think the property of being public and yet private nature of Usenet was special and of particular value.
For your reference, records indicate that[...]
Bixby <bixby@sctb.ch> wrote:
For a user to subscribe, they create a private-public key pair and provide >> the *public* key to the moderator.
If their application is approved by the moderator, the public key is then
distributed to all current members of the group.
All members hold then the public key of all other members.
It is possible to encrypt messages using more than one public key.
When a member posts, the post is encrypted by the NNTP client with the
public keys of every existing member, and then posted.
I’m no cryptography expert, but my understanding is that things aren’t generally done that way. Rather, the message is encrypted only once with
a strong symmetric cipher, and then just that key is encrypted with the public keys of the intended recipients.
First in the design as stated, the number of public key operations for
each message (point multiplications, modexps, or stranger PQC
operations) scales according to the number of recipients. Modern
computers are fast enough that with small groups of recipients this
isn’t a big deal but at some point your computer is spending rather a
lot of its time on the cryptography; latency will suffer too.
Second the security of the whole system depends both on the
trustworthiness of the moderator and their competence in selecting recipients. Even assuming the moderator is trustworthy, as the number of recipients grows, the probability that one of them is one of the group’s adversaries grows with it.
On Thu, 09 Nov 2023 10:25:16 +0000, Richard Kettlewell wrote:
Second the security of the whole system depends both on the
trustworthiness of the moderator and their competence in selecting
recipients. Even assuming the moderator is trustworthy, as the number of
recipients grows, the probability that one of them is one of the group’s >> adversaries grows with it.
Yes. Moderators as they exist now must be trusted in much the same way.
With regard to the inadvertant acceptance of subscription from an
adversary, there is some protection in that posts can be read only from
the time of subscription onwards. When there is a new subscriber, there
can be a post to the group, and users can moderate their posting until
trust is built up, and also individuals can at their own discretion choose not to encrypt using the public key of any given member, and so if they
are unsure, they can hold off until they are more comfortable - perhaps
here we can imagine a feature, where-by users indicate to their client a
post is sensitive, and then it encrypts using the public keys only of
members who have subscribed for a given period of time, or a particular subset of subscribers.
Bixby <bixby@sctb.ch> writes:
On Thu, 09 Nov 2023 10:25:16 +0000, Richard Kettlewell wrote:
Second the security of the whole system depends both on the
trustworthiness of the moderator and their competence in selecting
recipients. Even assuming the moderator is trustworthy, as the number of >>> recipients grows, the probability that one of them is one of the groups >>> adversaries grows with it.
Yes. Moderators as they exist now must be trusted in much the same way.
Not reallty, moderators in the present system have no impacted on
privacy (because there isnt any).
With regard to the inadvertant acceptance of subscription from an
adversary, there is some protection in that posts can be read only from
the time of subscription onwards. When there is a new subscriber, there
can be a post to the group, and users can moderate their posting until
trust is built up, and also individuals can at their own discretion choose >> not to encrypt using the public key of any given member, and so if they
are unsure, they can hold off until they are more comfortable - perhaps
here we can imagine a feature, where-by users indicate to their client a
post is sensitive, and then it encrypts using the public keys only of
members who have subscribed for a given period of time, or a particular
subset of subscribers.
So:
- every participant must somehow decide whether every other participant
is really an attacker, not just the moderator
- discussion is inherently fragmented
On Wed, 8 Nov 2023 20:01:59 -0000 (UTC)
Bixby <bixby@sctb.ch> wrote:
<snip>
What you describe already exists in a well-designed form: Bitmessage. >Bitmessage has chans, which are similar to newsgroups. You can subscribe
and unsubscribe to chans by keyword. Bitmessage also has:
- public chans
- secret chans
- distributed mailing lists
- encrypted private messaging
- mailchuck remailer forwarding
- whitelisting and blacklisting
- uncensorable broadcasts
Homepage: https://bitmessage.org
OmniMix * Tutorial * Whole Message Encryption (WME) PreviousTopNext[end quote]
It's obvious to prevent your normal e-mail correspondence from being
spied on by encrypting it with PGP. If the messages include attachments,
you have to encrypt those as well. But there are parts of your message
you can't hide this way, like its size, the subject, some language
specific characteristics, and last, not least the fact of sending a >multi-part message. That's where OmniMix's 'Whole Message Encryption'
comes to your aid.
Different from PGP frontends, which only allow to manipulate your
message before being sent by the mail client, a proxy server like
OmniMix is able to alter it as a whole, as long as the result remains
a compatible mail. Provided that the PGP keys of all recipients of a
mail are available, OmniMix can be advised to encrypt the entire
message, including the complete header section and some random dummy
data to disguise its real size, into one single PGP message block and
send it by means of a rudimentary header, which has to contain nothing
but the mail addresses and maybe some 'X-Hashcash' tokens. If it's sent
via a nym server an existing 'Nym-Commands' directive is also moved
outside the WME encryption block, but for reasons of security this
doesn't matter, as the message in any case is additionally encrypted
with the server's key. For an adversary, who's allowed to become
acquainted with the identity of the correspondents, the result of this >procedure is nearly worthless.
Moreover OmniMix even supports sending WME messages anonymously, which >usually isn't done to hide your identity from the recipients within
your WME community, but to prevent external observers from figuring
out the communication partners. Keep in mind, that the data within the
WME block aren't anonymized, but, though maybe shortened dependent on
an active 'Mail Permits' header filter list, handled like normal mail.
In order to allow an unrestricted, transparent communication without
adverse effects for the participants, among other things there's still
your 'From' address - which may be bogus - and the 'Message-ID'. If
the former can be found on the WME recipients list with 'Sign'
activated, the resulting signature may also expose your identity to
those who are able to decrypt the message. So check what gets
encrypted at the 'Data for Whole Message Encryption' section of the
'Raw Data' list as well as the 'Log' entries to assure yourself that
no sensitive data are unintentionally revealed to the addressees!
Caution: Don't send an anonymous mail to several addressees at a time
if you don't want them to become linked! In this case send a separate
one to each of them.
The recipients then either have to decrypt the PGP block manually and
import the result into their mail user agents, which certainly can
only be accepted in exceptional cases. On the other hand OmniMix can >automatically translate the messages back into their original state
in the course of its retrieval from the POP3 server, as far as the >corresponding secret PGP key and the correct passphrase are placed
at its disposal.
At the 'Dummy Load' page of the 'WME' section you're able to randomly >increase the size of your mail. This measure prevents adversaries
from estimating the kind of message, whether it's about a usually
shorter text or a more voluminous data transfer. Request a message-
specific dummy load by sending the desired block size range >('O-Wme-Dummy-Size-Min' and 'O-Wme-Dummy-Size-Max' header entry)
with your message. Values higher than the maximum block size defined
within OmniMix are refused, as the processing of a message extreme
in size may knock out your system. OmniMix now appends a random text
block to your message introduced by a line with a unique character
sequence. The contents of that indicator line is added to the message
header as the argument of an 'X-Wme-Dummy-Separator' entry in order
to allow the recipient's system to restore the original message by
removing the dummy load. It's important, that the dummy separator
header is named equally at the sender and recipient, as otherwise
the addressee won't be able to restore the original message.
Pros and cons of different communication methods
Ordinary PGP WME Remailing Remailing Nym Nym
Mail + WME + WME
Contents Protection No Reduced* Complete* No Complete* No Complete*
Reply Capability Yes Yes Yes No Yes Yes Yes
Anonymity towards an external observer No No No Yes Yes Yes Yes
Anonymity between the correspondents No No No Yes No Yes Yes
Latency Low Low Low Medium Medium High High
Reliability High High High Medium Medium Low Low
* Reduced: Net data only / Complete: Data + structure
The first step to set up WME is to add all required keys to the 'WME'
keyring ('WME' tab within the 'Nym Configurator'). You have to import
public keys for your correspondents and one or more public / secret
keypairs for yourself. Don't use any of your very secret PGP keys for
that transmission purpose, as its passphrase has to be stored on your >computer and both can be stolen by anyone who gets access! Better
create new keys and mark them with names, that point out their low-
security use, e.g. by adding the character sequence '(WME)' to the
User-ID. As decryption problems can't be ruled out otherwise, it's >recommended to create your keys within OmniMix itself.
You may notice that the WME section offers a greater variety of
partly more secure encryption and hash algorithms than allowed for
nym accounts. That's because there's no need to consider the
capabilities of remailers and nym servers.
Next is to go to the 'WME' tab of the main window and add the mail
addresses of all participants in your WME network to the list along
with the corresponding key and - if it's a private key of your own -
the passphrase. Based on this list, if WME is active, all mails,
whether sent normally or by one of your nyms, are examined for the
presence of corresponding encryption keys. If OmniMix finds keys for
all 'To:' and 'Cc:' recipients and there are no 'Bcc:' recipients
(who would be uncovered by an encryption using their keys), the mail
gets encrypted and only header data mandatory for delivery are left
outside the protected block. At request the sender's signature is
added in the course of the encryption to prove the authenticity of
the sent mail.
Finally you have to tell OmniMix, who's allowed to use the single
private key / password combinations to sign outgoing and decrypt
incoming WME mails. Therefore go to the 'User' tab and mark for
every user the 'WME' mail addresses that belong to that account.
Now you've finished. All outgoing mails are processed dependent on
the WME mode ('WME' tab, 'disabled' / 'enabled' / 'required'). If a
message has to depart from that rule, then use the according header >directive. 'O-WmeSend-Mode: required' e.g. rejects a message that
can't be WME encrypted, with 'O-WmeSend-Mode: disabled' you would
even be allowed to send a usual anonymous mail to someone whose key
is present at the WME keys list. The 'Sign' setting within the WME >participants list is binding in any case. Therefore, if signatures
are requested, the WME encryption has to fail as long as the
password isn't properly set for the WME key or the WME item isn't
assigned to the user account.
...[end quote]
2.6.6 Bugfix: Size of Yamn Stats ListBox corrected.
Button to reset Tor status and thereby change the entry guard added.
Log list now also shows Tor startup parameters.
Tor updated to a modified version 0.4.8.0-alpha-dev (git-b733f9d6ace63c71)
custom build, which allows a variable circuit length from 2 to 9 nodes
(including respective OmniMix controls), and, in order to keep the TorIp
feature functional, removes the IP address retrieval ('getinfo address')
restrictions now providing also client instances with their IP address.
Path to location of GeoIP/GeoIPv6 files added to Tor's torrc configuration
file, obsolete 'CircuitIdleTimeout' parameter removed.
2.6.7 Bugfix: O-Newsgate-Number header switch had no effect on nym postings'
number of mail2news gateways.
Due to steadily shrinking remailer networks default value for parameter
MAXLAT increased from 2 to 3 and DISTANCE decreased from 20 to 4.
2.6.8 Tab dimensions reshaped to meet Linux Wine requirements.
2.6.9 Bugfix: Check of NNTP/SMTP/POP3 server login conditions revised with
Authentication mode option None removed.
Bugfix: File hash protection now ignores XP specific Tor .DLL files in
other Windows versions.
Switch for de-/activation of Tor safelogging of IP addresses added.
MINREL decreased from 97 to 95.
Tor updated to a still customized version 0.4.8.5 (git-4fc1bb3e86b263aa).
2.7.0 Bugfix: A concurrent access to the OmniNym .ini file while closing the Nym
Configurator led to an application crash.
At the Nym Configurator m2n@neodome.net added to the nym reply mail2news
default list.
Bixby <bixby@sctb.ch> writes:
Yes. Moderators as they exist now must be trusted in much the same
way.
Not reallty, moderators in the present system have no impacted on
privacy (because there isn’t any).
With regard to the inadvertant acceptance of subscription from an
adversary, there is some protection in that posts can be read only from
the time of subscription onwards. When there is a new subscriber,
there can be a post to the group, and users can moderate their posting
until trust is built up, and also individuals can at their own
discretion choose not to encrypt using the public key of any given
member, and so if they are unsure, they can hold off until they are
more comfortable - perhaps here we can imagine a feature, where-by
users indicate to their client a post is sensitive, and then it
encrypts using the public keys only of members who have subscribed for
a given period of time, or a particular subset of subscribers.
So:
- every participant must somehow decide whether every other participant
is really an attacker, not just the moderator
- discussion is inherently fragmented
in active unmoderated public newsgroup forums, lurkers probably
outnumber contributors (discounting spammers),
I propose then a second form of moderation, which is and is only
moderation of what is in effect membership of a group - members are able
to read and post, non-members cannot read or post.
We begin with an empty newsgroup, with a moderator of the new type.
For a user to subscribe, they create a private-public key pair and
provide the *public* key to the moderator.
If their application is approved by the moderator, the public key is
then distributed to all current members of the group.
All members hold then the public key of all other members.
It is possible to encrypt messages using more than one public key.
When a member posts, the post is encrypted by the NNTP client with the
public keys of every existing member, and then posted.
As such, the and the only people who can read that post are the existing members; they can all decrypt the message using their own private key,
which is secret to them.
Bixby <bixby@sctb.ch> writes:
If I understand this correctly, you have a forum with the following properties:
1. A forum with a limited audience, requiring people to join before they
are able to receive the messages.
2. A central point of authority who decides who should receive the
messages.
3. An automatic system for distributing new messages to all current
known recipients.
This is indeed a useful system, but I'm not sure why you would use NNTP
to implement it, since at first glance it sounds like a mailing list.
NNTP's flood-fill algorithm is incredibly wasteful in this system, since
it would send the messages to loads of people who can't read them.
I'm guessing that the appeal of NNTP in your design may be that you feel
like email addresses expose too much personal information about the recipients?
There have been a lot of proposals somewhat similar to this over the
years,
It is possible to encrypt messages using more than one public key.
When a member posts, the post is encrypted by the NNTP client with the
public keys of every existing member, and then posted.
I’m no cryptography expert, but my understanding is that things aren’t generally done that way. Rather, the message is encrypted only once with
a strong symmetric cipher, and then just that key is encrypted with the public keys of the intended recipients.
[...]
Everything you suggest still seems like it could be layered on top of the NNTP protocol as it already exists. People aren’t already regularly doing that because the result is far less useful than the existing public forum.
[...] Even assuming the moderator is trustworthy, as the number of
recipients grows, the probability that one of them is one of the group’s adversaries grows with it.
I would like to describe an enhancement to the NNTP protocol, with a view
to peer review.
# Rationale
I began using Usenet in about 1994. It was a remarkable forum -
possessing the property of being both public and yet private, as at that
time no one was archiving posts.
I may be wrong, but I think the property of being public and yet private nature of Usenet was special and of particular value.
I would like to recreate that property of being public and yet private,
which is exactly to say that posts can be read by and only by a given
group of readers. The news-servers cannot read posts, nor can anyone
outside of that group of readers - so no archiving by Google, or anyone
else.
# Design
[...]>
For a user to subscribe, they create a private-public key pair and provide the *public* key to the moderator.
If their application is approved by the moderator, the public key is then distributed to all current members of the group.
All members hold then the public key of all other members.
It is possible to encrypt messages using more than one public key.
Le 09/11/2023 11:25, Richard Kettlewell a ecrit :
[...] Even assuming the moderator is trustworthy, as the number of
recipients grows, the probability that one of them is one of the group's
adversaries grows with it.
Yes, and as soon as such a member exists, he/she may decide to re-publish any >message he/she has received so far on a completely public alt.* newsgroup.
For the first point, by and large, I imagine users posting to all
subscribers - trusting the moderator.
prevent the subscriber in question from reading their posts.
There are many problems which can occur, but most never do.
Ok, so each and every message would be sent in two parts, one being the message itself encrypted with one key, the other being the list of
couples (member identity, key encrypted with its public key).
I don't think that I would ever be a member of such a group, where every little message is completed with hundreds of useless stuff, just because
I will find one little information in this bunch of garbage... and where
I will have to decrypt each of these messages before even knowing if I
am interested by its contents!
Also, once joined, people can read only messages posted after they joined.
Couldn't you say newsgroups are like mailing lists and question why newsgroups exist?
The advantage is that NNTP is global and places a large number of groups/ mailing lists in one place. Accessibility and convenience.
All news-servers would receive copies of all messages, but people (in the sense of end-users of NNTP) would not; why subscribe to a group you cannot read?
Perhaps these costs are necessary to regain privacy, in its various forms (such as privacy within a group, as posited here).
No. I'm motivated by remembering how Usenet used to be, before it was tracked. Public and private. That's the goal; to be able to emit
messages which only a given group can read.
Le 09/11/2023 05:55, Doc O'Leary responded to Bixby :
It is possible to encrypt messages using more than one public key.
When a member posts, the post is encrypted by the NNTP client with the
public keys of every existing member, and then posted.
I'm no cryptography expert, but my understanding is that things aren't
generally done that way. Rather, the message is encrypted only once with
a strong symmetric cipher, and then just that key is encrypted with the
public keys of the intended recipients.
Ok, so each and every message would be sent in two parts, one being the >message itself encrypted with one key, the other being the list of
couples (member identity, key encrypted with its public key).
I don't think that I would ever be a member of such a group, where every >little message is completed with hundreds of useless stuff, just because
I will find one little information in this bunch of garbage... and where
I will have to decrypt each of these messages before even knowing if I am >interested by its contents!
A mailing list would much better do the task.
[...]
Everything you suggest still seems like it could be layered on top of the
NNTP protocol as it already exists. People aren't already regularly doing >> that because the result is far less useful than the existing public forum. >+1
Hello Bixby,
For a user to subscribe, they create a private-public key pair and provide >> the *public* key to the moderator.
If their application is approved by the moderator, the public key is then
distributed to all current members of the group.
All members hold then the public key of all other members.
Ok.
It is possible to encrypt messages using more than one public key.
You mean that a message encrypted with say 100 public keys could be decrypted by the only knowing of *one* of the 100 corresponding private keys?
I am very curious of that. Do you have a web page which explains this mechanism?
Of course, you will not ask any newsreader to implement it, so it will be the task of the moderator to receive the message in clear and encrypt it using the
100 public keys, before posting.
You mean that a message encrypted with say 100 public keys could be
decrypted by the only knowing of *one* of the 100 corresponding private
keys?
I am very curious of that. Do you have a web page which explains this mechanism?
On Thu, 09 Nov 2023 09:11:12 -0800, Russ Allbery wrote:
This is indeed a useful system, but I'm not sure why you would use NNTP
to implement it, since at first glance it sounds like a mailing list.
Couldn't you say newsgroups are like mailing lists and question why newsgroups exist?
On the other hand, most choices are about cost and benefit. Would
adding this functionality to NNTP contribute to a revival of use? in
this day and age of ubiquitous surveillance, perhaps it has considerable value.
[explanation of the mechanism for encrypting with more than one
public key]
For your reference, records indicate that
Bixby <bixby@sctb.ch> wrote:
Also, once joined, people can read only messages posted after they joined. >I have yet to hear why this is a desirable feature. There are indeedcertain contexts where "no history" is a feature, but topical discussions >that Usenet encourages benefit from FAQs and memes and other "timeless" >content.
I mean, you still need to chart out the use cases for these encrypted
groups. I'm hard pressed to imagine why I would join a group that has
I can't "binge" in order to understand what it's all about. For people >already in a group, it sounds like the ultimate form of Eternal September.
Couldn't you say newsgroups are like mailing lists and question whyYou absolutely could, and many do, and many no longer even know about
newsgroups exist?
Usenet and still use mailing lists. The fundamental feature Usenet
provided was discoverability. That is less needed these days, and is >absolutely destroyed by using encryption.
The advantage is that NNTP is global and places a large number of groups/Nah. The Internet has made the world small in a digital sense. Social
mailing lists in one place. Accessibility and convenience.
media has made a business out of putting information (and misinformation)
in everyone's pockets. Usenet is already a hard sell. Usenet with >encryption is not an easier sale.
All news-servers would receive copies of all messages, but people (in theBut that's the same reason that server admins would give for not accepting >those messages at all. Encryption is all the problems of binary groups on >steroids. This is actually where a change in the NNTP protocol would be >generally beneficial. Store-and-forward is inherently wasteful, and
sense of end-users of NNTP) would not; why subscribe to a group you cannot >> read?
really should be replaced by a demand-driven distribution of messages.
But other protocols already do that, so NNTP simply playing catch up isn't >going to bring in a lot of new users.
Perhaps these costs are necessary to regain privacy, in its various formsCertainly true, and I'm sure everyone here uses encryption in many other >contexts. But I still don't see a compelling use case for a public forum >like Usenet.
(such as privacy within a group, as posited here).
No. I'm motivated by remembering how Usenet used to be, before it wasIt was never private. Some messages simply got "lost" over time. That
tracked. Public and private. That's the goal; to be able to emit
messages which only a given group can read.
still happens, but it happens less and less because storage has gotten so >cheap and spying on people has gotten so profitable. Encryption would
help "lose" messages to a certain degree, but it's a tricky thing to make >usable on a system like Usenet. You can already dead-drop encrypted
messages in newsgroups, though, so nothing inherently needs to change
above the client level.
Le 09/11/2023 11:25, Richard Kettlewell a écrit :
[...] Even assuming the moderator is trustworthy, as the number of
recipients grows, the probability that one of them is one of the
group’s adversaries grows with it.
Yes, and as soon as such a member exists, he/she may decide to
re-publish any message he/she has received so far on a completely public alt.* newsgroup.
For your reference, records indicate that Bixby <bixby@sctb.ch> wrote:
For the first point, by and large, I imagine users posting to all
subscribers - trusting the moderator.
But why? Or, put another way, what real purpose does the moderator
serve?
prevent the subscriber in question from reading their posts.
But only directly. The very nature of discussion threads means messages
get quoted in whole or in part.
There are many problems which can occur, but most never do.
By that same measure, I struggle to see the occurrences of the problem you’re trying to solve for in this encryption scheme.
On 2023-11-10 12:18, Olivier Miakinen wrote:
Of course, you will not ask any newsreader to implement it, so it will
be the task of the moderator to receive the message in clear and
encrypt it using the 100 public keys, before posting.
No, point was to add logic to newsreaders and use the UseNet servers for distribution of encrypted posts and moderator announcements of
membership changes.
Personally, I find the entire plan counterproductive to the traditional
use of UseNet, though it may make sense as a means of keeping past correspondence out of view of future meatspace contacts (such as future employers).
I do not know of a system which is large scale and public but which
offers *non* permanence of record.
On 2023-11-10 12:18, Olivier Miakinen wrote:Yes.
Of course, you will not ask any newsreader to implement it, so it willNo, point was to add logic to newsreaders and use the UseNet servers for
be the task of the moderator to receive the message in clear and
encrypt it using the 100 public keys, before posting.
distribution of encrypted posts and moderator announcements of
membership changes.
Personally, I find the entire plan counterproductive to the traditional
use of UseNet, though it may make sense as a means of keeping past
correspondence out of view of future meatspace contacts (such as future
employers).
I would say though that non-permanence of record is central to normal
human life and interactions. When we meet new people, they do not have >access to our full history of speech, writing, behaviour, and so on.
I do not know of a system which is large scale and public but which offers >*non* permanence of record.
Your system essentially proposes to make it not public, which is the
obvious solution, but the trade-off is that then it's, well, not public,
with all that entails (no casual browsing, no casual discovery, an
ongoing requirement for policing the boundary of the group, arguments
over membership, etc.).
There are a bunch of ways to create private
discussion systems and your system has some interesting trade-offs that
may put it at a different place in that spectrum, but it's still broadly
the same solution: get rid of the public part.
If you want to stop archiving in a world with ubiquitous archiving, I
think you're going to be stuck with small, private, controlled forums
with a sufficiently small number of participants that you're below
Dunbar's number and can rely on effective community pressure to keep
people from breaking the social contract and maintaining or publishing
an archive.
Technology can manage the membership process, but it can't
make words harder to archive and republish.
(And even then, I bet
people will retain private archives, which always have the possibility
of leaking.)
if natural law has anything to say about it, then for every action there
is an equal and opposite action; unmoderated newsgroups encourage
openness not secrecy
Bixby <bixby@sctb.ch> writes:
On Thu, 09 Nov 2023 09:11:12 -0800, Russ Allbery wrote:
What netnews provides over mailing lists is local caching and local
archiving using a much more convenient protocol than mailing list
archives (which are not standardized). Each site pays the cost of
message transmission and reception only once, no matter how many local
users want to read the message, and any local user can see all the
recent messages, as opposed to the normal mailing list situation where
you can only see the messages sent after you joined.
Your system is getting rid of the two big advantages of netnews: the
people receiving the messages is limited,
and archives are useless since
you can't read them until after you join. So it doesn't benefit from
the two primary features of NNTP.
It *does* arguably benefit from the distributed infrastructure, although
you still have the moderator point of failure.
I suppose the other advantage I can think of is that running a mail
server in this day and age is a giant pain in the ass because of spam filtering,
On the other hand, most choices are about cost and benefit. Would
adding this functionality to NNTP contribute to a revival of use? in
this day and age of ubiquitous surveillance, perhaps it has
considerable value.
It just feels simpler to use encrypted mail if you're not worried about exposing email messages, although I suppose the flipside of netnews and
email being so similar is that you can pretty easily implement anything
with either. But the floodfill approach only seems warranted if it's moderately likely that any site will have some readers.
On Fri, 10 Nov 2023 13:44:09 -0000 (UTC), Doc O'Leary , wrote:
For your reference, records indicate that Bixby <bixby@sctb.ch> wrote:
For the first point, by and large, I imagine users posting to all
subscribers - trusting the moderator.
But why? Or, put another way, what real purpose does the moderator
serve?
To prevent archivers from subscribing to the group.
If the group is open, archivers (such as Google Groups, or TLAs) can subscribe and copy everything.
Moderators factorize the effort required for subscriber validation.
Rather than all subscribers needing to perform validation on all new
users, the moderator alone undertakes this task.
prevent the subscriber in question from reading their posts.
But only directly. The very nature of discussion threads means messages get quoted in whole or in part.
Yes. That's a good point. However, such quoting is going to be much less
in quantity of text than all posts being readable.
The purpose is to provide a large-scale public forum which at the same
time is private to given groups, and which has non-permanence of record.
if natural law has anything to say about it, then for every action there
is an equal and opposite action; unmoderated newsgroups encourage
openness not secrecy
They continue to exist.
Note also openness necessarily means the absence of privacy.
Privacy has its place, too.
We do not as humans or groups of humans function in a completely public,
or completely private fashion.
Archives - long retention - was not always a properly of news. Back in
the late 90s, retention was for a week or so. My argument of course is
that for some use cases, this is advantageous, and we should look to
obtain this functionality.
On Fri, 10 Nov 2023 09:15:25 -0800, Russ Allbery wrote:
I suppose the other advantage I can think of is that running a mail
server in this day and age is a giant pain in the ass because of spam filtering,
Amen. I gave up running my own SMTP server. No matter what I did,
delivery was poor, and it was based on IP. You have to pay for a
reputable IP. Personal SMTP is a thing of the past.
Being part of news solves the discoverability problem. That's critical. Google et al are now overwhelmed by SEO.
Yeah, I’m not buying it. I can’t think of a single use case where I would trust some unknown moderator to completely screen anonymous subscribers. You’d do well to think critically about how this would
play out in reality. I still see it as Eternal September v2.
On Fri, 10 Nov 2023 09:15:25 -0800, Russ Allbery wrote:
What netnews provides over mailing lists is local caching and local
archiving using a much more convenient protocol than mailing list
archives (which are not standardized). Each site pays the cost of
message transmission and reception only once, no matter how many local
users want to read the message, and any local user can see all the
recent messages, as opposed to the normal mailing list situation where
you can only see the messages sent after you joined.
The more established mailing lists sometimes have web-based archives.
Archives - long retention - was not always a properly of news.
Back in the late 90s, retention was for a week or so.
It *does* arguably benefit from the distributed infrastructure,
although you still have the moderator point of failure.
Already the case for existing moderated groups. If the moderator goes
away, or goes bad, a replacement must be found. The existing mechanisms
for this can be used for the new type of moderator.
Amen. I gave up running my own SMTP server. No matter what I did,
delivery was poor, and it was based on IP. You have to pay for a
reputable IP. Personal SMTP is a thing of the past.
Being part of news solves the discoverability problem.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 307 |
Nodes: | 16 (2 / 14) |
Uptime: | 69:46:43 |
Calls: | 6,915 |
Files: | 12,380 |
Messages: | 5,431,960 |