On Mon, Dec 30, 2013 at 4:06 PM, Risker <risker.wp(a)gmail.com> wrote:
On 30 December 2013 18:59, Tyler Romeo
<tylerromeo(a)gmail.com> wrote:
On Mon, Dec 30, 2013 at 6:49 PM, Risker
<risker.wp(a)gmail.com> wrote:
I disagree fundamentally with your position here.
It's technically
possible
for Tor editors to edit; all we have to do is
unblock Tor nodes (or for
them to disable Tor), and they can edit. It is the social and
policy-based
processes that prevent Tor users from using Tor
to edit. I happen to
agree
with those processes (having cleaned up major
messes from unblocked Tor
nodes on enwiki), but it's not a technical problem, really.
I'm confused exactly what you are disagreeing with? The consensus
currently
is that Tor users should not be able to edit raw.
Thus the issue at hand
is
that there is currently no technical solution for
allowing Tor users to
edit while still being able to block them. If you want to change the
consensus and unblock Tor users from editing, then it is indeed a
social/policy issue.
I have no desire to change the status quo. But the solution of being able
to isolate and block individual accounts through Tor would require a change
in Tor's software and principles, not MediaWiki's. One of its core
characteristics is to render accounts technically indistinguishable, and to
seek alternate routes when an account is prevented from editing/accessing.
I think there may have been some progress on this since the last time it
was brought up, since we now have OAuth in place. It might be a way to help
bridge this gap.
I was talking with Tom Lowenthal, who is a tor developer. He was trying to
convince Tilman and I that IP's were just a form of collateral that we
implicitly hold for anonymous editors. If they edit badly, we take away the
right of that IP to edit, so they have to expend some effort to get a new
one. Tor makes that impossible for us, so one of his ideas is that we shift
to some other form of collateral-- an email address, mobile phone number,
etc. Tilman wasn't convinced, but I think I'm mostly there.
We probably don't want to do that work in MediaWiki, but with OAuth, anyone
can write an editing proxy that allows connections from Tor, ideally
negotiates some kind of collateral (proof of work, bitcoin, whatever), and
edits on behalf of the tor user. Individuals can still be held accountable
(either blocked on wiki, or you can block them in your app), or if your app
lets too many vandals in, we'll revoke your entire OAuth consumer key.
So I'm not claiming to have solved this, but if other people want to
experiment with ways to do this, I think they can do it without a change to
the current blocking policy, or getting any code deployed on the WMF
cluster.
Risker
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l