|
Grex > Coop11 > #254: Grex's ID policy - email with account usgov |  |
|
| Author |
Message |
| 25 new of 133 responses total. |
remmers
|
|
response 88 of 133:
| 
Apr 17 20:24 UTC 2001 |
(Re #86, I'm curious what kind of "script" was needed in order for
usgov to post. A lot of people post here who are computer novices
and never got anything special from the management to help them do
so.)
|
carson
|
|
response 89 of 133:
|
Apr 17 21:59 UTC 2001 |
View hidden response.
|
carson
|
|
response 90 of 133:
|
Apr 17 22:00 UTC 2001 |
(resp:89 is in response to resp:88. I expurgated it because it's not
terribly relevant to the item.)
|
mary
|
|
response 91 of 133:
|
Apr 17 22:18 UTC 2001 |
Too, discussion seems to be focusing on registered corporate
entities, but Grex also welcomes organizations which are
not formally structured and legally defined. I think we are
pretty open and welcoming here and our policy is a nice fit
for our abilities.
I have to think this is a huge miscommunication. usgov, if up
to no good, could have easily sent along some bogus ID when
first asked. He/she didn't. We are a weird group, with
priorities that might not make a whole lot of sense if you
hadn't been here to watch the system develop. usgov is way into
privacy, and most of us might even agree, in theory. But there
are practical concerns when you open your doors and unleash
people on the Internet. We are not rich enough to afford to
get into trouble so we must be cautious. Asking for ID, on
the honor system, isn't really that cautious, actually, and
certainly shouldn't be seen as offensive. Maybe, once
usgov gets a chance to know us better, he or she will agree.
Until then we should thank the organization for the donation
but tear it up or send it back.
|
rcurl
|
|
response 92 of 133:
|
Apr 17 23:00 UTC 2001 |
Mary, I mentioned "clubs" as members, in #78.
usgov says "Mark asked why "usgov" for what purpose. The purpose would be
for any employee who wanted to know about computers, shell accounts, etc.
to get some experience." For this purpose, membership is not required, at
least for e-mail, using a shell account for any (legal) purpose, setting
up a web site, and for conferencing. Membership is only required for
telnetting from Grex, and it is for that purpose alone that identification
is requested, so that misuse of telnet can be addressed. In fact, each
employee of PE&S is free to create his/her own account. It would be more
educational than a number of users using a single institutional account
(they could chat with each other - you pay employees to chat??) Membership
is *appreciated* for the support of Grex, whether or not a user uses
telnet.
I gather from reading the Missouri State website that the only legal and
public contact a corporation must have is a resident agent, for whom an
identity, address and phone are available (and the resident agent should
be expected to respond to communications). I would therefore think that if
PE&S wants an institutional membership, and Grex wants identification,
that the information about the resident agent, and the corporate EIN, must
suffice.
|
jep
|
|
response 93 of 133:
|
Apr 17 23:20 UTC 2001 |
I think someone might explain to usgov that Grex is a very small
organization, run by volunteers, with a budget of a few thousand dollars
per year sent as voluntary contributions by those who think Grex is
worthwhile. Grex doesn't have any lawyers, except those who log in and
offer free advice from time to time. The entire budget goes into
maintaining a 10 year old computer system, several phone lines, and an
Internet connection, along with a few necessary accessory expenses such
as insurance. There are no paid staff, no corporate office, and there's
no paid advertising done to promote the system. Everyone running Grex
is doing the best they can to stretch *very* limited resources to cover
a pretty nice and interesting service.
Also, I don't know what usgov needs from Grex, but I don't think a
corporate membership donation is going to get any tangible benefits.
The only two benefits I know of for any members are a vote and outbound
Internet service (through an ISDN line shared with 60 or 70 other
people). Do corporate members get even these things? Usgov can support
Grex by just making a donation. It's employees are all welcome to
create their own accounts and use them to their hearts content. I've
been a user here since the first day Grex opened to the public. I've
been a member at times, but am not currently a member; it hasn't
affected the usability of Grex for me in the slightest.
|
russ
|
|
response 94 of 133:
|
Apr 17 23:58 UTC 2001 |
I read "usgov"'s response, and my BS detector went off the scale.
Grex is available for EVERYONE to learn shell scripting and other
Unix practices, for free. It's one of the services Grex provides.
If PE&S wants to assist Grex to stay open and provide this benefit
to the world in general (including PE&S), PE&S can convert the check
to an unrestricted donation; they do not need a membership.
Grex's connection to the world is rather slow, and PE&S would probably
be better served by taking an old PC and loading a copy of Red Hat
on it. If they ordered Red Hat from cheapbytes.com their total cash
expense would probably be under $60, perhaps under $20.
The only possible benefit that PE&S could obtain by having a membership
in Grex is the ability to hide behind our internet access. Why go to so
much trouble to hide if you're doing nothing that would attract negative
attention? I don't think that this is a good thing to train people to
do, and I don't think that we should support anyone in the attempt.
In closing, usgov has failed to respond to the legitimate concerns of
the Grex board and membership as expressed here. The user behind the
account has chosen to hurl accusations instead. I am now in favor of
rejecting the membership application and destroying the check.
|
aruba
|
|
response 95 of 133:
|
Apr 18 00:24 UTC 2001 |
usgov sent me an address which I can send the check back to, if that's what
we decide to do. (We seem to have almost reached a consensus on this
point.)
Rane: you keep saying that we ought to accept a resident agent's address as
ID. That is contrary to our current policy, which was voted and approved by
the board. If you think we should change the policy, you should say so in
item 255 and/or make a motion in a new item.
As for Hamlet, I was quoting from the Pelican Books edition. If it's good
enough for them, it's good enough for me.
|
other
|
|
response 96 of 133:
|
Apr 18 03:20 UTC 2001 |
Once again, I would like to reiterate that the ONLY relevant issue here
is outgoing telnet access to the internet provided to INDIVIDUALS.
We do not provide this to Corporate entities, because Corporate entities
cannot be responsible for misuse of the access.
User usgov argues like a desperate man, with only the thinnest veneer of
credibility to *some* of his arguments, and thinly veiled threats for the
rest.
In the interests of Grex, I as a member of Cyberspace Communications
Incorporated do hereby move that the application for institutional
membership by user usgov be rejected immediately, and that the check
provided to secure that membership be either returned or destroyed within
one week after passage of this motion.
|
other
|
|
response 97 of 133:
|
Apr 18 03:27 UTC 2001 |
I'm going to relocate the above motion to an item specifically for it.
|
aruba
|
|
response 98 of 133:
|
Apr 18 03:28 UTC 2001 |
We do allow institutional members access to all internet protocols, Eric.
|
other
|
|
response 99 of 133:
|
Apr 18 03:44 UTC 2001 |
As I've stated before, that access is IN PRACTICE, if not in theory,
predicated on the responsibility of an individual person.
We grant institutional memberships to individual persons on behalf of
organizations, based on the willingness of those individual persons to
take responsibility for the use to which the access is put, as evidenced
by their meeting of the validation requirements.
|
rcurl
|
|
response 100 of 133:
|
Apr 18 06:42 UTC 2001 |
Re #95: I have suggested that a corporations resident agents name,
address, phone number, and the corporations EIN, should be sufficient ID,
as this is all vouchafed by the State. This is even more secure than the
personal ID of an individual claiming to represent the corporation.
On the other hand, it is more complicated than this, as Grex does accept
personal ID from a person claiming to represent a club or even a
non-profit corporation, on a very informal basis. Well, Grex is an
informal organization, and all it wants to be pretty sure that there is a
low probability of a member causing mischief, and to have some recourse
for correction if such occurs. I can understand a reluctance to not
generate separate rules for individuals, unincorporated clubs,
incorporated non-profits, for-profit corporations, and ????. And I'm
reluctant to take a stab at it.... 8^}
|
albaugh
|
|
response 101 of 133:
|
Apr 18 06:45 UTC 2001 |
According to #96, corporate members do not get outbound telnet (ftp etc.)
access. And since they don't get voting privileges either, the only reason
left to have a corporate membership is to avoid account reaping due to
inactivity. That's the only thing they get for their money. Does usgov
understand that?
Without outbound telnet, I'm not as concerned about verification of account
"ownership". But quite frankly, it's my belief that choice of usgov as
account ID was no accident - experienced users know that there are thousands
of inexperienced users out there that are quite willing to believe that
something from ID usgov - even if from usgov@cyberspace.org - must really
be from the US government. Who knows what fraudulent spamming schemes could
be used, e.g. "This is the US government, you must send us your SSN for
verification." How many seniors, new to the internet, might actually fall
for that? Of course, that doesn't require outbound telnet access to
perpetrate, e-mail would suffice. But usgov's argument would be 10 times
stronger if it had chosen an ID such as pes or peands.
I still say that there is a dead fish smell in the air about this whole thing.
|
aruba
|
|
response 102 of 133:
|
Apr 18 13:05 UTC 2001 |
#96 is misleading. Institutional members' login ids are indeed added to the
internet group, so someone using that account can use telnet, ftp, etc.
|
gull
|
|
response 103 of 133:
|
Apr 18 15:00 UTC 2001 |
I have to say I'm disappointed with the way this is being handled.
I think the best course of action would have been to tell them, "we're
sorry, but this is our current policy. If you don't want to follow it,
we can't make you a member." I think usgov's arguments about why the
policy is incorrect are interesting, but they don't require us to do
anything. We aren't obligated to take anyone as a member.
I kind of cringe at the combative tone people are taking in this item.
If I had been treated this way when I came to Grex, I wouldn't have
stayed. We're acting in a really unfriendly manner, over what's
basically a difference of opinion.
I am *appalled* that we now have a motion singling out a specific
user. I don't think that's a polite or businesslike way to do things,
and I think it smacks of viciousness -- someone doesn't like usgov's
attitude, so they're going to "punish" them with a public motion
suggesting we do what we should have done through simple procedure. I
don't think this is a can of worms we want to open. What's next?
Motions to remove certain users because we don't like their political
attitudes?
|
jp2
|
|
response 104 of 133:
|
Apr 18 15:05 UTC 2001 |
This response has been erased.
|
rcurl
|
|
response 105 of 133:
|
Apr 18 15:41 UTC 2001 |
albaugh is incorrect in #101 when he says "And since they don't get voting
privileges either, the only reason left to have a corporate (sic)
membership is to avoid account reaping due to inactivity. That's the only
thing they get for their money." This is only the selfish perspective.
I obtained four institutional memberships for non-profit organizations
(one was not incorporated at the time) for whom I used Grex accounts for
hosting web sites and for e-mail addresses for them. Since these did not
involve telnet access from Grex, it was not required to even have
memberships for them. So why was it done? To support Grex.
It would help Grex if more users took this charitable perspective.
I agree with albaugh that the choice of the ID "usgov" does sound like the
several junk mail advertisers that use language or address formats to make
their junk sound like government mailings: anything to get the recipients
to at least open, and maybe even be intimidated into sending money (if
they are stupid enough). Even if this is not usgov's intention, he puts
himself into the position of being viewed that way by almost anyone with
even a minimum of experience with internet use. I do not think, however,
it can be considered a disqualification until something illegal is done.
The company he claims to represent (this is not yet confirmed), however,
might take a dim view of the implications of the choice of such an ID.
|
cmcgee
|
|
response 106 of 133:
|
Apr 18 16:19 UTC 2001 |
I have a motion on the floor already: that we reaffirm our current policy.
|
aruba
|
|
response 107 of 133:
|
Apr 18 16:34 UTC 2001 |
(You should enter that in a separate item, Colleen, if you'd like the
membership to vote on it.)
Sigh. albaugh's #105 was based on a misunderstanding of other's response.
So was incorrect in saying that institutional members receive no benefits
for membership other than protection from reaping. They also receive full
internet access.
|
rcurl
|
|
response 108 of 133:
|
Apr 18 17:42 UTC 2001 |
...and the good feeling of supporting a worthwhile charitable organization...
|
albaugh
|
|
response 109 of 133:
|
Apr 18 19:11 UTC 2001 |
I don't know how many altruistic "good feelers" there are out there... ;-)
|
flem
|
|
response 110 of 133:
|
Apr 18 19:47 UTC 2001 |
Rane mentioned earlier that we should accept the resident agent of a
corporation's name, address, etc. as contact information for a institutional
membership. This is certainly not unreasonable. What we also need, however,
is confirmation *from that person* that he or she authorizes the account.
To do so, we need some kind of confirmation that the person we're talking to
in order to get this confirmation is in fact the person we think it is.
Hence, we get right back to our current ID policy: requiring personal ID for
the contact person.
What usgov is asking us to do is to take his word for it that he's the
resident agent for PE&S, without providing any identification to prove this
claim. It would clearly be irresponsible for us to do so.
Usgov, you're right that Grex is not in the verification business, and we
probably wouldn't know if someone provided us fake id. We do, however, have
to make a good faith attempt to verify the identity of our members. A good
faith attempt does not require us to go to extraordinary lengths to verify
that the user is not trying to commit fraud or impersonate someone else, but
we do have to get some identification. We're sorry, but in this day and age,
taking your word for it that you represent PE&S would be negligent of us.
|
pfv
|
|
response 111 of 133:
|
Apr 18 19:55 UTC 2001 |
If the banks expect an ID AND signature , for those capable of
signing a check, I see no reason to expect less from grex and
their "business accounts". Anything less is folly.
Nastiness has nothing to do with a twits attempt to subvert or
change a process.
|
swa
|
|
response 112 of 133:
|
Apr 19 03:56 UTC 2001 |
Usgov -- do you understand the difference between being a user and being a
member? A lot of organizations use the term "member" to mean "anyone who
participates" - on Grex a member is someone who agrees to contribute money
in exchange for certain extra privileges. Contributing money is
because they want to support Grex, and who receive certain (not huge)
extra privileges in return. Contributing money is absolutely *not*
required in order to use Grex. Some of your comments lead me to think
maybe that distinction hadn't been made clear to you.
I'd also suggest you read our bylaws
(http://www.cyberspace.org/local/grex/bylaws.html) to familiarize yourself
with how Grex works and get an understanding of why we've reacted so
harshly to some of your suggestions, like that only corporate members
should vote on the membership -- read the bylaws and you'll understand
that members don't vote on new memberships at all, corporate members don't
vote, and no individual member can be excluded from voting on anything.
I agree with those who've said your choice of login is dubious at best.
But I also agree with Mary that there seems to be at least as much
miscommunication her as anything else. Read up on how Grex works and
maybe you'll understand why we've responded as we have.
|