On Sat, Jan 22, 2005 at 05:17:07PM -0500, Roger Dingledine wrote: > I took a brief look around the block policy at > http://en.wikipedia.org/wiki/Wikipedia:Blocking_policy and the pointer > to the February 2004 thread about anonymizers, but I didn't see any > definitive answers to the thread on the list. (In fact, it seems you point > to http://mail.wikipedia.org/pipermail/wikien-l/2004-February/010637.html > which isn't even in the thread.) Link fixed: http://mail.wikipedia.org/pipermail/wikien-l/2004-February/010605.html > Could you summarize for us to reasons why > Wikipedia doesn't want to require users _from Tor IPs_ to create accounts > in order to edit pages? Because vandals will just create an account, vandalise with it, get blocked, create a new account, vandalise with it, etc. > This is tricky to do from a technical standpoint, a) because we need to > teach Tor about protocols and how to reach into the application-layer > stream, and b) because Tor clients would need to predict what the > application was going to do before it does it, in order to pick an exit > node that will allow the operation. We'd like to consider implementing > something like this down the road but it seems hard to get right without > adding a lot of complexity (which is bad for security systems). Ah yes of course, I hadn't thought of that. The other alternative would be some way of specifying a connection as anonymous, at which point the server can decide whether or not it wants to accept it or handle it differently. It would have to happen at the IP level though, so it's not going to happen in the foreseeable future (no evil bit jokes please). -- Frank v Waveren Fingerprint: BDD7 D61E fvw@[var.cx|stack.nl] ICQ#10074100 5D39 CF05 4BFC F57A Public key: hkp://wwwkeys.pgp.net/468D62C8 FA00 7D51 468D 62C8
Attachment:
signature.asc
Description: Digital signature