Subject:
|
Re: E-mail authentication during posting
|
Newsgroups:
|
lugnet.admin.nntp
|
Date:
|
Mon, 18 Jun 2001 13:34:43 GMT
|
Viewed:
|
513 times
|
| |
|
|
In lugnet.admin.nntp, Frank Filz writes:
> Matthew Miller wrote:
> >
> > Iain M Barker <imb@clara.net> wrote:
> > > A public news server that I use allows people to connect and read messages
> > > freely, but requires a username/password to post, so it shouldn't be
> > > unfeasible to do that here. You'd still need to do some additional checking
> > > to ensure the username matched the sender's name, though.
> >
> > It's that second part that's tricky. The first part doesn't help, because
> > once logged in as anybody, you can post as anybody else.
>
> Do we have to worry that much about that? I think the primary concern is
> to have a reasonable way to block posting by unauthorized folks. If you
> abuse your priviledges, your NNTP ID/password would be revoked.
It's already been proven that revoking priviledges doesn't work. Whatever fix
is put in needs to address the problem as much as possible before it gets to
the revokation point, IMHO. Sure you can revoke an ID/password but what is to
stop them from getting another one? Possibly something could be tied to you
member ID but I don't know if that is reasonable or not.
I told Todd that from a web perspective I consider this a "benefit of
membership". I understand that there is an added inconvenience for NNTP folks
and maybe Todd can do something for NNTP members but going back to a "leave an
opening and react later" attitude is not the way to go.
Todd needs to reduce the threat as much as possible first and improve the
process later IMO. If there is a technilogically feasible way to make things
better I think Todd will do it. For now take solice in the fact that it is
much harder for your ID to be stolen and having people disrupt the community.
My 2 cents,
Eric Kingsley
|
|
Message has 1 Reply:
 | | Re: E-mail authentication during posting
|
| "Eric Kingsley" <kingsley@nelug.org> wrote in message news:GF4oDv.5ww@lugnet.com... (...) fix (...) to (...) is to (...) you (...) This new system has little benefit over the existing open one if you look at it from the view of being able to block (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
Message is in Reply To:
| | Re: E-mail authentication during posting
|
| (...) Do we have to worry that much about that? I think the primary concern is to have a reasonable way to block posting by unauthorized folks. If you abuse your priviledges, your NNTP ID/password would be revoked. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
|
13 Messages in This Thread:
  
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
