Julien <iul...@nom-de-mon-site.com.invalid> wrote:
>Hi Adam,
>>In the regional hierarchies I'm familiar with, the control messages
>>would be sent under the old credentials.
>>Taking the entry out and putting it back is hardly an instant process.
>>This is not a good idea.
>In this thread, we discussed about changing the default values of
>control.ctl to disable the processing of control messages for every
>hierarchy that doesn't have PGP-signed control messages.
I am aware that Russ is interested in doing that and that you agree. I
am well aware of the history of Hipclone's denial of service attacks
with control messages, which is why PGP-signed control messages were
created to begin with. This was three and a half decades ago. A decision
was made at the time not to force regional hierarchies and other
international hierarchies, which rarely had hierarchy administrators who
were technically proficient, into implementing this.
We also know that various regional hierarchies and international
hierarchies in languages other than English didn't necessarily maintain
their group lists with control messages anyway, or that no one
responsible checked the archive of control messages to make sure it had
a complete record.
Given the distributed nature of Usenet administration, that's reality.
>Sending the messages under the old credentials won't work either...
I am aware if you succeed in getting every News administrator to adopt
this, that will be the case. Without recognized PGP-signed credentials,
we're assuming a user will request creation of the group from his News
administrator and that the control message will be processed manually.
>That's why I suggested to even go a bit further and no longer provide
>these entries in the control.ctl file to simplify it.
No, Julien, that makes things more complicated. In the absence of a News
administrator following discussion of the proposal to create the new
group in the *.general newsgroup for the hierarchy (there's unlikely to
be a *.config newsgroup), he's going to have to use his best judgment
to figure out if there's truly an audience for the group or someone
immature is screwing around, or someone trying to impose topic
moderation in unmoderated Usenet is causing trouble by attempting to
force discussion he doesn't want to see to take place elsewhere 'cuz he
just doesn't wanna use his own kill file.
At least with the old credentials remaining in control.ctl, even if
commented out, a newgroup message sent with the old credentials might
give a News administrator more confidence that the proposed newsgroup
went through some legitimate process to form a consensus that discussion
on that topic might more to the proposed newsgroup, and that it's not
being done for petty or spiteful reasons.
>Of course a full version of control.ctl can still be generated. News
>admins can then choose between the stripped version with only still
>active hierarchies, and the comprehensive version of more than 2700 lines...
Why would a News administrator care about the number of lines in
control.ctl? If he needs to search for matching credentials, then he
wants to be able to find the information in that file and doesn't want
to figure out some other place to find it. Again, stripping out the
information he needs to find would actually make things more complicated.
Julien, you are conflating "active" with whether discussion is still
taking place in groups in that hierarchy. The issue of whether a
technically proficient hierarchy administrator exists for a regional
hierarchy is not any kind of hint to a News administrator that he should
create groups in that hierarchy.
This is a bad idea. Please do not do this.
I am going to remind you of a regional hierarchy that was well known for
being administered by technically-proficient people that had established
PGP-signed control messages, but the key was lost. I'm not going to name
the parties but given that most regional hierarchies have a fairly
stable set of newsgroups and might not change for close to a decade,
loss of the key is a real possibility.