|
Grex > Coop6 > #26: Policy for non-members to post to Usenet | |
|
| Author |
Message |
srw
|
|
Policy for non-members to post to Usenet
| 
Oct 28 02:04 UTC 1994 |
The members of Grex passed a new policy governing the internet, but it has not
gone into effect yet. When in does, there will be two components to it:
(1) Certain outgoing protocols will be permitted for all users.
These include talk, finger, gopher, and probably some others I cannot remember.
Other protocols will continue to be restricted to use only by members
while the internet link is so badly saturated. These include
at least telnet, ftp, and all unknown protocols.
(2) Posting and responding to Usenet will be liberalized so that it will
no longer be required for one to be a member to post. It will not be
fully open though. Grex needs to be certain it can identify the individual
who is posting or responding to Usenet. This is to ensure that Usenet is
not misused by an irresponsible user. Aside from this requirement, full
use of Usenet will be free.
Component (1) cannot be placed in effect until the staff can recompile the
kernel with new patches. This will have to wait until the staff has resolved
the critical reliability problems plaguing Grex.
Component (2) can be placed in effect as soon as we have a clear policy
which delineates what identification is required to permit access to usenet
by non-members. We will also need a volunteer to maintain the list of
validated non-members who will have access to Usenet.
I know, I know. Usenet is broken at the moment. Let's try to look past our
Usenet problems of the day and plan for when we can implement the members'
wishes and open usenet up to all who want it.
The real purpose for my entering this item is to get a discussion going
on the subject of what constitutes sufficient identification for us to
permit access to Usenet. This was not spelled out in the member's vote.
My position is that we are doing this to meet our own needs only.
If someone abuses Usenet, we need to be able to revoke their privileges,
or at least have a credible threat to do so. That is the reason for this
policy. I think we should accept any ID issued by an official agency
such as a government, school, library, etc, providing that it identifies
the person by name and has one other (non-picture) identification, such
as address, phone number, social sec#, driverlicense#, passport#, etc.
A photocopy of that ID should work.
We will also need an acceptable volunteer to maintain the list of
non-members with Usenet access. The treasurer will continue to maintain
the list of members.
comments? suggestions? flames?
|
| 133 responses total. |
kentn
|
|
response 1 of 133:
|
Oct 28 02:27 UTC 1994 |
It's been a while, but I think the Cleveland Freenet required a
photocopy of a driver's license and a signed statement of compliance
with whatever rules of useage they have. That's just one example
of an organization using a particular type of ID. Does anyone else
have other examples?
Based on everyday experience in getting ID'd for various and
sundry purposes, I'd say srw's list is reasonable. It should even
work for people outside the U.S.
Will the "acceptable volunteer" be selected by popular acclaim
or by Board vote?
|
brenda
|
|
response 2 of 133:
|
Oct 28 02:43 UTC 1994 |
I'd volunteer to handle the "list". I am unable to download from
merit, but i can keep it here on grex, I would suppose. If it's
necessary for me to have it on my home system, I can always receive
faxes from some nice person.
Other than a slight technical difficulty there, I would be happy to
volunteer.
|
chip
|
|
response 3 of 133:
|
Oct 28 02:52 UTC 1994 |
My account at Cleveland Freenet required only a signed statement
-- no photocopied document. Regardless, I support the "list"
as stated by srw. also believe that any voting member(s) should
be acceptable volunteers.
|
rcurl
|
|
response 4 of 133:
|
Oct 28 03:29 UTC 1994 |
I think srw's list is fine, too - especially the "etc" ;->. The
essence, of course, is confirmable identification. We tried to define
this once before, and the list got longer and longer and... so the
general definition is, IMHO, desirable.
|
cicero
|
|
response 5 of 133:
|
Oct 28 07:02 UTC 1994 |
Does the Cleveland Freenet permit Usenet posting? We need to make sure that we
look at systems that have open posting.
|
steve
|
|
response 6 of 133:
|
Oct 28 22:34 UTC 1994 |
Does it matter? I wouldn't mind seeing us provide it, as long as
we can take a few steps to cover ourselves if we ger royally flamed
for something "bad" that a poster does. Since 99.75% of all folks are
completely good, I think this system will work. Back in the olden days
of 1991, I was a part of the group that said keep it as a perk for
members. Technology has changed that, so we should too.
|
chelsea
|
|
response 7 of 133:
|
Oct 28 22:34 UTC 1994 |
I like Steve's list. Most school cards identify the school and the kid
but don't include the student's home address on the card. Would
this be proof enough for a student? I'd hope so.
|
rcurl
|
|
response 8 of 133:
|
Oct 28 23:02 UTC 1994 |
I would think so. Even more than usual - the school records are *very*
detailed, and generally accessible (for id information).
|
kentn
|
|
response 9 of 133:
|
Oct 28 23:18 UTC 1994 |
I'm assuming that aside from the fact that we can nuke someone's
account here on Grex if they do Bad Enough Things (tm) [and big deal,
since they can get another one...but not posting privileges with the
same ID], that Cyberspace, Inc. might use such ID information to give
to whatever law enforcement persons investigate fraud on the Internet
and such. Is that correct? If so, we should be honest with people as
to what situations could prompt Grex to use the ID information.
(Unless we're just collecting ID's for the fun of it).
|
steve
|
|
response 10 of 133:
|
Oct 29 02:25 UTC 1994 |
Just to throw a wrench in the works: how do we verify that a
school ID is real? The paranoid side of me says that the populace
that is most likely to want to try and provide bogus ID is the same
group whose official ID comes from thousands of different authorities
around the US, as opposed to 50 or so state IDs. [This is why verification
is such a sticky issue].
|
rcurl
|
|
response 11 of 133:
|
Oct 29 02:59 UTC 1994 |
Isn't the question then, shouldn't the Great Verifier *do* a verification
upon receipt of whatever?
|
srw
|
|
response 12 of 133:
|
Oct 29 03:28 UTC 1994 |
Since the school ID may be from a school anywhere in the world,
(the passport may be too, as may any other form), I'd say no.
It would become expensive and time-consuming. This is a compromise,
because doing the verification would make it tougher to supply us
with faked ID. I don't think we want to work that hard to detect
and reject faked ID. I really don't think we'll be successful
even if we went to the expense.
I was thinking of the volunteer as providing two things:
(1) an adress for people to send the material, and
(2) the expertise to manipulate the information in /etc/group that
would identify those IDs which were eligible.
|
scg
|
|
response 13 of 133:
|
Oct 29 04:11 UTC 1994 |
Limiting school IDs would not be a good idea, IMHO. While they can be
harder to verify, they are the only ID a lot of our users have. To not
accept school ID would be to alienate a lot of people -- people who are
often already treated as second class citizens due to their ages. The
thing we should really be going for here is to make the process as little
of a pain as possible, both for the person being verified and the
verifier. As long as it gives us some idea of who the person is and where
to find them, it should satisfy us.
|
steve
|
|
response 14 of 133:
|
Oct 29 16:35 UTC 1994 |
Playing devil's advocate here: I believe nyx asks if you are underage
to get a parents signature. Yucckk. How do we build an argument against
that (I'm NOT saying we should do that!)?
|
cicero
|
|
response 15 of 133:
|
Oct 31 02:30 UTC 1994 |
Steve, I think that 1st amendment rights do extend to minors, dont they?
We can probably base an agrument for allowing minors access on that basis
if no other. If a parent objects to his son or daughter being on Grex it
is that parent's job to prevent access. Not ours.
|
scg
|
|
response 16 of 133:
|
Oct 31 04:08 UTC 1994 |
There are lots of things that minors are allowed to do without
getting a parent to sign a form. Some of these things that are similar
Grexing would be going to a library, interacting with people in a public
place, or even talking to friends on the phone. There are also other
thing that could potentially cause much more harm to a person than Grexing
could, such as making very expensive purchaces that might end up making
them broke for a long time. To require a parent's signature to use Grex
when there are so many other things that don't would be overkill.
Besides, any parents who are worried about what sorts of ideas their
children might be exposed to by using a computer can always supervise
their kid's computer use.
Then, there's the problem of how we verify that a signature is
that of a parent, and not just a forgery. If we say we are going to keep
minors out unless they have permission from a parent, we are going to
create the responsabilityfor us to do that. Assuming that responsability
would bad, since we'd have no way of ever making sure we got the real
signature.
Far more important is how we want minors to feel on the system.
One of the things that's so wonderful about Grex so far, I think, is that
people are looked based on the quality of what they say, not on how old
they are. To create any special hoops for underage people to jump through
would alienate a lot of people. Afterall, if we stop treating people
equally regardless of age, there are always a few other systems where
people could go and get the respect they want and deserve.
There's also an issue of convenience. We should really be pushing
to make this authentication process as easy as possible, and the more
people need to sign the form the more complex it will get. It would cease
to be something that people could just decide t fill out and send in.
Rather, it would be soemthing that people would have to go track down
their parents nad get them to sign.
In fact, as I wrote this, I'm having trouble thinking of reasons
why we should require a parents signature. We can't guarantee that they
won't come across anythign pornographic, but there are no guarantees of
thatin the rest of society either. Yes, it's sometimes good to have
parents involved inwhat their kids are doing, but given some of the
comments I've seen here about some of our users' parents, I'm not sure we
want the parents to know they are hear, and to feel compelled to come in
and read the stuff. Without parental involvement with Grexing, Grex can
be an important sounding board for problems with parents that the parents
might not even want discussed.
This is not to say that there are no good things about asking for
parents' signatures, but we have to figure out at what cost to the culture
of Grex they would be. IMO, the problems of such a system would far
outweigh the advantages.
|
rcurl
|
|
response 17 of 133:
|
Oct 31 05:50 UTC 1994 |
I also see no reason for obtaining parental permission for a minor to
use grex. Perhaps some parents would not approve of everything that
happens here, for their children, but the same can be said with respect
to (as scg says) libraries, schoolyards, "on the street", etc. Grex
is definitely less a problem than a minor's peers. I think a bigger
problem that Grex may pose for parents is that it can absorb too much
of the minor's time, at the jeopardy of their school work and other
responsibilities. But, so can (e.g.) Magic! I think it is the parents
responsibility to know what their children are doing, and to control it
according to their own standards.
|
jshafer
|
|
response 18 of 133:
|
Oct 31 06:01 UTC 1994 |
A couple of years ago I lost my driver's licence. All the Secretary of
State's office wanted to prove my identity was three things with my name
printed on them--a photocopy of a report card, a check, a library card, or
a social security card would all qualify. Why make this complicated? If
someone doesn't have a driver's license or a passport, surely they could
come up with a couple of these? And if they are in doubt they could ask
the verifier if something would qualify before going through the trouble
of mailing it.
|
rcurl
|
|
response 19 of 133:
|
Oct 31 16:04 UTC 1994 |
That's why I favor a policy that leaves it up to the verifier to obtain
identification that serves to prove the identify of the user. Nothing
more needs to be specified, and certainly not a list of acceptable
identifiers.
|
chelsea
|
|
response 20 of 133:
|
Nov 1 12:41 UTC 1994 |
I disagree. The criteria should be clear and consistant and
the verifier's job objective not subjective.
|
rcurl
|
|
response 21 of 133:
|
Nov 1 14:26 UTC 1994 |
But that's not possible, or at least not reasonable, as a user might
have some form of personal identification that is perfectly useable
and valid, but which we didn't think of, so it isn't in our "list".
Say, a photo ID as an FBI agent? (Just to mention one not yet
mentioned.)
|
steve
|
|
response 22 of 133:
|
Nov 1 14:34 UTC 1994 |
I mostly agree with Mary, but what about the cases where the
person doesn't have the material we're talking about?
Perhaps we can some up with a list of things, and see how
that goes. When (not if) we bump into a case that needs something
else for verification, we can then add that thing to the list.
Does that sound flexible enough? I can readily see Mary's
point about not wanted the verifier to get into trouble because
someone complains about being unfairly rejected, not to mention
the stress on the person doing the verifying.
.
|
rcurl
|
|
response 23 of 133:
|
Nov 1 14:37 UTC 1994 |
I was thinking more of the user being fairly accepted, than unfairly
rejected. I have no problem with a list of acceptable IDs, but would
like the verifier to have the option of accepting equally good or
better IDs (such as the example I gave).
|
kentn
|
|
response 24 of 133:
|
Nov 1 15:13 UTC 1994 |
The list of acceptable ID's already proposed will probably cover
90+% of all instances. The rest can be handled on a case-by-case
basis.
|