Le 10/11/2023 18:20, Russ Allbery wrote :
>
> [explanation of the mechanism for encrypting with more than one
> public key]

Many thanks for that!

Best Regards,
--
Olivier Miakinen

On Fri, 10 Nov 2023 14:57:11 -0000 (UTC), Doc O'Leary , <droleary.usenet@2023.impossiblystupid.com> wrote:
>For your reference, records indicate that
>Bixby <bixby@sctb.ch> wrote:
>> Also, once joined, people can read only messages posted after they joined.
>I have yet to hear why this is a desirable feature. There are indeed
>certain contexts where "no history" is a feature, but topical discussions
>that Usenet encourages benefit from FAQs and memes and other "timeless"
>content.
>I mean, you still need to chart out the use cases for these encrypted
>groups. I'm hard pressed to imagine why I would join a group that has
>I can't "binge" in order to understand what it's all about. For people
>already in a group, it sounds like the ultimate form of Eternal September.
>> Couldn't you say newsgroups are like mailing lists and question why
>> newsgroups exist?
>You absolutely could, and many do, and many no longer even know about
>Usenet and still use mailing lists. The fundamental feature Usenet
>provided was discoverability. That is less needed these days, and is
>absolutely destroyed by using encryption.
>> The advantage is that NNTP is global and places a large number of groups/
>> mailing lists in one place. Accessibility and convenience.
>Nah. The Internet has made the world small in a digital sense. Social
>media has made a business out of putting information (and misinformation)
>in everyone's pockets. Usenet is already a hard sell. Usenet with
>encryption is not an easier sale.
>> All news-servers would receive copies of all messages, but people (in the
>> sense of end-users of NNTP) would not; why subscribe to a group you cannot
>> read?
>But that's the same reason that server admins would give for not accepting
>those messages at all. Encryption is all the problems of binary groups on
>steroids. This is actually where a change in the NNTP protocol would be
>generally beneficial. Store-and-forward is inherently wasteful, and
>really should be replaced by a demand-driven distribution of messages.
>But other protocols already do that, so NNTP simply playing catch up isn't
>going to bring in a lot of new users.
>> Perhaps these costs are necessary to regain privacy, in its various forms
>> (such as privacy within a group, as posited here).
>Certainly true, and I'm sure everyone here uses encryption in many other
>contexts. But I still don't see a compelling use case for a public forum
>like Usenet.
>> No. I'm motivated by remembering how Usenet used to be, before it was
>> tracked. Public and private. That's the goal; to be able to emit
>> messages which only a given group can read.
>It was never private. Some messages simply got "lost" over time. That
>still happens, but it happens less and less because storage has gotten so
>cheap and spying on people has gotten so profitable. Encryption would
>help "lose" messages to a certain degree, but it's a tricky thing to make
>usable on a system like Usenet. You can already dead-drop encrypted
>messages in newsgroups, though, so nothing inherently needs to change
>above the client level.

all plus ones . . . governments, militaries, industries, corporations,
organizations, clubs, gangs, syndicates, etc. are inherently secretive;
surely that is why unmoderated usenet newsgroups have become so popular

On Fri, 10 Nov 2023 12:38:38 +0100, Olivier Miakinen wrote:

> Le 09/11/2023 11:25, Richard Kettlewell a écrit :
>>
>> [...] Even assuming the moderator is trustworthy, as the number of
>> recipients grows, the probability that one of them is one of the
>> group’s adversaries grows with it.
>
> Yes, and as soon as such a member exists, he/she may decide to
> re-publish any message he/she has received so far on a completely public
> alt.* newsgroup.

For groups where the subject matter is sensitive, a post can be made when
a new member is accepted. Existing members can then moderate their speech
until confidence is developed. The moderator also has a responsibility to
vet new members. Existing members also by their own control can choose
not to make their posts visible to arbitrary members, including new
members.

Of course, nothing is perfect or foolproof, but by having multiple
methods, each which has some effect, we can reasonably hope that the
frequency and severity of undesirable outcomes can be very greatly
reduced.

On Fri, 10 Nov 2023 17:32:22 +0100, Jakob Bohm wrote:
> On 2023-11-10 12:18, Olivier Miakinen wrote:

>> Of course, you will not ask any newsreader to implement it, so it will
>> be the task of the moderator to receive the message in clear and
>> encrypt it using the 100 public keys, before posting.

> No, point was to add logic to newsreaders and use the UseNet servers for
> distribution of encrypted posts and moderator announcements of
> membership changes.

Yes.

> Personally, I find the entire plan counterproductive to the traditional
> use of UseNet, though it may make sense as a means of keeping past
> correspondence out of view of future meatspace contacts (such as future
> employers).

I would say though that non-permanence of record is central to normal
human life and interactions. When we meet new people, they do not have
access to our full history of speech, writing, behaviour, and so on.

I do not know of a system which is large scale and public but which offers
*non* permanence of record.

On Fri, 10 Nov 2023 13:44:09 -0000 (UTC), Doc O'Leary , wrote:

> For your reference, records indicate that Bixby <bixby@sctb.ch> wrote:
>
>> For the first point, by and large, I imagine users posting to all
>> subscribers - trusting the moderator.
>
> But why? Or, put another way, what real purpose does the moderator
> serve?

To prevent archivers from subscribing to the group.

If the group is open, archivers (such as Google Groups, or TLAs) can
subscribe and copy everything.

Moderators factorize the effort required for subscriber validation.
Rather than all subscribers needing to perform validation on all new
users, the moderator alone undertakes this task.

>> prevent the subscriber in question from reading their posts.
>
> But only directly. The very nature of discussion threads means messages
> get quoted in whole or in part.

Yes. That's a good point. However, such quoting is going to be much less
in quantity of text than all posts being readable.

>> There are many problems which can occur, but most never do.
>
> By that same measure, I struggle to see the occurrences of the problem
> you’re trying to solve for in this encryption scheme.

The purpose is to provide a large-scale public forum which at the same
time is private to given groups, and which has non-permanence of record.

Bixby <bixby-nospam@sctb.ch> writes:

> I do not know of a system which is large scale and public but which
> offers *non* permanence of record.

Indeed, because when something is public, anyone can archive and republish
it, and in our current era of effectively free storage, someone will.

Your system essentially proposes to make it not public, which is the
obvious solution, but the trade-off is that then it's, well, not public,
with all that entails (no casual browsing, no casual discovery, an ongoing
requirement for policing the boundary of the group, arguments over
membership, etc.). There are a bunch of ways to create private discussion
systems and your system has some interesting trade-offs that may put it at
a different place in that spectrum, but it's still broadly the same
solution: get rid of the public part.

If you want to stop archiving in a world with ubiquitous archiving, I
think you're going to be stuck with small, private, controlled forums with
a sufficiently small number of participants that you're below Dunbar's
number and can rely on effective community pressure to keep people from
breaking the social contract and maintaining or publishing an archive.
Technology can manage the membership process, but it can't make words
harder to archive and republish. (And even then, I bet people will retain
private archives, which always have the possibility of leaking.)

--
Russ Allbery (eagle@eyrie.org) <https://www.eyrie.org/~eagle/>

Please post questions rather than mailing me directly.
<https://www.eyrie.org/~eagle/faqs/questions.html> explains why.

On Sat, 11 Nov 2023 17:15:45 -0000 (UTC), Bixby <bixby-nospam@sctb.ch> wrote:
>On Fri, 10 Nov 2023 17:32:22 +0100, Jakob Bohm wrote:
>> On 2023-11-10 12:18, Olivier Miakinen wrote:
>>> Of course, you will not ask any newsreader to implement it, so it will
>>> be the task of the moderator to receive the message in clear and
>>> encrypt it using the 100 public keys, before posting.
>> No, point was to add logic to newsreaders and use the UseNet servers for
>> distribution of encrypted posts and moderator announcements of
>> membership changes.
>Yes.
>> Personally, I find the entire plan counterproductive to the traditional
>> use of UseNet, though it may make sense as a means of keeping past
>> correspondence out of view of future meatspace contacts (such as future
>> employers).
>
>I would say though that non-permanence of record is central to normal
>human life and interactions. When we meet new people, they do not have
>access to our full history of speech, writing, behaviour, and so on.
>I do not know of a system which is large scale and public but which offers
>*non* permanence of record.

if natural law has anything to say about it, then for every action there is
an equal and opposite action; unmoderated newsgroups encourage openness not
secrecy

On Sat, 11 Nov 2023 20:35:53 +0100 (CET), D wrote:
> if natural law has anything to say about it, then for every action there
> is an equal and opposite action; unmoderated newsgroups encourage
> openness not secrecy

They continue to exist.

Note also openness necessarily means the absence of privacy.

Privacy has its place, too.

We do not as humans or groups of humans function in a completely public,
or completely private fashion.

On Sat, 11 Nov 2023 09:52:27 -0800, Russ Allbery wrote:

> Your system essentially proposes to make it not public, which is the
> obvious solution, but the trade-off is that then it's, well, not public,
> with all that entails (no casual browsing, no casual discovery, an
> ongoing requirement for policing the boundary of the group, arguments
> over membership, etc.).

Yes.

> There are a bunch of ways to create private
> discussion systems and your system has some interesting trade-offs that
> may put it at a different place in that spectrum, but it's still broadly
> the same solution: get rid of the public part.

Yes.

> If you want to stop archiving in a world with ubiquitous archiving, I
> think you're going to be stuck with small, private, controlled forums
> with a sufficiently small number of participants that you're below
> Dunbar's number and can rely on effective community pressure to keep
> people from breaking the social contract and maintaining or publishing
> an archive.

Yes, very much so. Enough people and of course *someone* will do anything
that can be done, regardless of anything.

> Technology can manage the membership process, but it can't
> make words harder to archive and republish.

Yes - the fundamental problem being that once someone has the decrypted
version, well, that's that. It's out.

> (And even then, I bet
> people will retain private archives, which always have the possibility
> of leaking.)

I was part of a particularly intimate group, populous, both active and
lurkers, which was active for many years, and this was never seen to
happen, FWIW.

On Fri, 10 Nov 2023 09:15:25 -0800, Russ Allbery wrote:
> Bixby <bixby@sctb.ch> writes:
>> On Thu, 09 Nov 2023 09:11:12 -0800, Russ Allbery wrote:

> What netnews provides over mailing lists is local caching and local
> archiving using a much more convenient protocol than mailing list
> archives (which are not standardized). Each site pays the cost of
> message transmission and reception only once, no matter how many local
> users want to read the message, and any local user can see all the
> recent messages, as opposed to the normal mailing list situation where
> you can only see the messages sent after you joined.

The more established mailing lists sometimes have web-based archives.

> Your system is getting rid of the two big advantages of netnews: the
> people receiving the messages is limited,

But only in much the same way that any given group is already limited;
only so many people subscribe to any given group. The only difference now
is that there is moderator of who subscribes. In all likelyhood, this
typically will make very little difference to the number of readers of a
group. Most people who want to read a group and fit to do so; we can
imagine excluded are the mass archivers, and the sociopaths, both of who
are small in number but profound in effect.

> and archives are useless since
> you can't read them until after you join. So it doesn't benefit from
> the two primary features of NNTP.

Archives - long retention - was not always a properly of news. Back in
the late 90s, retention was for a week or so. My argument of course is
that for some use cases, this is advantageous, and we should look to
obtain this functionality.

> It *does* arguably benefit from the distributed infrastructure, although
> you still have the moderator point of failure.

Already the case for existing moderated groups. If the moderator goes
away, or goes bad, a replacement must be found. The existing mechanisms
for this can be used for the new type of moderator.

> I suppose the other advantage I can think of is that running a mail
> server in this day and age is a giant pain in the ass because of spam
> filtering,

Amen. I gave up running my own SMTP server. No matter what I did,
delivery was poor, and it was based on IP. You have to pay for a
reputable IP. Personal SMTP is a thing of the past.

>> On the other hand, most choices are about cost and benefit. Would
>> adding this functionality to NNTP contribute to a revival of use? in
>> this day and age of ubiquitous surveillance, perhaps it has
>> considerable value.
>
> It just feels simpler to use encrypted mail if you're not worried about
> exposing email messages, although I suppose the flipside of netnews and
> email being so similar is that you can pretty easily implement anything
> with either. But the floodfill approach only seems warranted if it's
> moderately likely that any site will have some readers.

Being part of news solves the discoverability problem. That's critical.
Google et al are now overwhelmed by SEO.

For your reference, records indicate that
Bixby <bixby-nospam@sctb.ch> wrote:

> On Fri, 10 Nov 2023 13:44:09 -0000 (UTC), Doc O'Leary , wrote:
>
> > For your reference, records indicate that Bixby <bixby@sctb.ch> wrote:
> >
> >> For the first point, by and large, I imagine users posting to all
> >> subscribers - trusting the moderator.
> >
> > But why? Or, put another way, what real purpose does the moderator
> > serve?
>
> To prevent archivers from subscribing to the group.

But how? You’ve outlined no mechanisms to validate that trust. In
reality, *any subscriber* can be an archiver, whether intentionally or
unintentionally.

> If the group is open, archivers (such as Google Groups, or TLAs) can
> subscribe and copy everything.

Given sufficient reason, they’d likely archive the encrypted posts anyway.
Given that the client would be doing encryption targeting limited
recipients, there would be valuable meta data in that alone. Trying to do
private things in public vastly expands your attack surface.

> Moderators factorize the effort required for subscriber validation.
> Rather than all subscribers needing to perform validation on all new
> users, the moderator alone undertakes this task.

Yeah, I’m not buying it. I can’t think of a single use case where I
would trust some unknown moderator to completely screen anonymous
subscribers. You’d do well to think critically about how this would play
out in reality. I still see it as Eternal September v2.

> >> prevent the subscriber in question from reading their posts.
> >
> > But only directly. The very nature of discussion threads means messages
> > get quoted in whole or in part.
>
> Yes. That's a good point. However, such quoting is going to be much less
> in quantity of text than all posts being readable.

But that’s just worse! Quoted text is identified *signal*, whereas “all
posts” are just so much noise.

> The purpose is to provide a large-scale public forum which at the same
> time is private to given groups, and which has non-permanence of record.

You keep saying that but, again, I don’t think you have put forward a
plausible way for that to be become reality. Don’t just hand wave away
the fundamental issues. It remains the case that no change to the NNTP
protocol has to be made to support your goals. You are free to take any
open source newsreader and add the features that accomplish what you
want. If you are right, people will adopt it. If not, it should become
quickly clear what the issues are (likely including some new ones we
haven’t even covered in this discussion :-).

--
"Also . . . I can kill you with my brain."
River Tam, Trash, Firefly

On Sun, 12 Nov 2023 10:50:06 -0000 (UTC), Bixby <bixby-nospam@sctb.ch> wrote:
>On Sat, 11 Nov 2023 20:35:53 +0100 (CET), D wrote:
>> if natural law has anything to say about it, then for every action there
>> is an equal and opposite action; unmoderated newsgroups encourage
>> openness not secrecy
>
>They continue to exist.
>Note also openness necessarily means the absence of privacy.
>Privacy has its place, too.
>We do not as humans or groups of humans function in a completely public,
>or completely private fashion.

doubtless most would agree . . .

For your reference, records indicate that
Bixby <bixby-nospam@sctb.ch> wrote:

> Archives - long retention - was not always a properly of news. Back in
> the late 90s, retention was for a week or so. My argument of course is
> that for some use cases, this is advantageous, and we should look to
> obtain this functionality.

Much of that had more to do with the limitations of computing resources at
the time than anything specific to do with Usenet. Storage is cheap these
days, as it computing power for compression. Technological progress is
directly at odds with ephemeral data. Encryption can certainly address
some of that, but the real nut to crack is how to eliminate the value of
data that is *already* public. That seems to be more of a human/social
problem than a technology problem.

> On Fri, 10 Nov 2023 09:15:25 -0800, Russ Allbery wrote:
> > I suppose the other advantage I can think of is that running a mail
> > server in this day and age is a giant pain in the ass because of spam
> > filtering,
>
> Amen. I gave up running my own SMTP server. No matter what I did,
> delivery was poor, and it was based on IP. You have to pay for a
> reputable IP. Personal SMTP is a thing of the past.

Not so, and I’d argue the opposite of this, for much the same reason you
want more ephemeral messages to return to Usenet. I run my own SMTP
server. I jump through enough hoops that deliverability is high and
incoming spam is low (so low I don’t do any filtering). It’s not *that*
hard, and if you don’t want the big guys sifting through all your
messages, you’d benefit from getting back to the days of private email.

But on the topic of spam, it is important to note that eyeballs draw
spammers; it isn’t just an email problem. Spam on Usenet was a much
bigger issue when it was more popular, and if you’re seeking to make it
popular again, you’ll have to think about the mechanisms that need to
be put in place to limit abuse. There are ways encryption could help
that, but there are also ways it could end up making it worse.

> Being part of news solves the discoverability problem. That's critical.
> Google et al are now overwhelmed by SEO.

Because . . . eyeballs. Usenet is no longer a primary source for
discovery, and encryption would make it *less* so. Today, I can pop into
a group that seems interesting, see the subjects of discussions that have
been happening over the last month/year/whatever, check out some of the
posts to see if the community is cool or not, maybe lurk for a bit, and
eventually contribute to the discussion. That entirely goes away with
encryption, and I can’t see that replacement being very attractive.

--
"Also . . . I can kill you with my brain."
River Tam, Trash, Firefly

Bixby <bixby-nospam@sctb.ch> writes:
> On Fri, 10 Nov 2023 09:15:25 -0800, Russ Allbery wrote:

>> What netnews provides over mailing lists is local caching and local
>> archiving using a much more convenient protocol than mailing list
>> archives (which are not standardized). Each site pays the cost of
>> message transmission and reception only once, no matter how many local
>> users want to read the message, and any local user can see all the
>> recent messages, as opposed to the normal mailing list situation where
>> you can only see the messages sent after you joined.

> The more established mailing lists sometimes have web-based archives.

Right, but there's no standard protocol to read messages from them, so
usually you have some crappy and dysfunctional web-based
pseudo-mail-reader that's awful. That's one of the big advantages of
netnews; you can read the available archives with the same protocol that
you read new messages.

> Archives - long retention - was not always a properly of news.

Sure, I agree. But *short-term* archives are vital to the entire social
experience of netnews and have been since the very beginning. As someone
who was on Usenet before the Great September, the standard culture was to
read the available articles in the group before jumping in with your own
postings. Often that would include a FAQ, and it would always include
some typical discussions, so that you knew what the group was like in
advance.

> Back in the late 90s, retention was for a week or so.

Two to four times that was more common in my experience, but sure, it
wasn't years.

>> It *does* arguably benefit from the distributed infrastructure,
>> although you still have the moderator point of failure.

> Already the case for existing moderated groups. If the moderator goes
> away, or goes bad, a replacement must be found. The existing mechanisms
> for this can be used for the new type of moderator.

Right, but again I'm comparing to just running an encrypted mailing list,
which is in some ways easier to set up. Any one person with a server can
do it; you don't need a network of news servers willing to carry your
traffic.

> Amen. I gave up running my own SMTP server. No matter what I did,
> delivery was poor, and it was based on IP. You have to pay for a
> reputable IP. Personal SMTP is a thing of the past.

This may be the strongest argument for using a private netnews hierarchy
for this sort of encrypted messaging: it seems to now be easier to share
netnews servers than mail servers. Which is sort of weird, since arguably
you could do the same thing with mail and just give people POP accounts,
but the resource and account dynamics of netnews are different in useful
ways.

> Being part of news solves the discoverability problem.

It absolutely does not when all of the messages are encrypted. I think
this is the biggest flaw in your plan.

--
Russ Allbery (eagle@eyrie.org) <https://www.eyrie.org/~eagle/>

Please post questions rather than mailing me directly.
<https://www.eyrie.org/~eagle/faqs/questions.html> explains why.

Doc O'Leary , <droleary@2017usenet1.subsume.com> writes:

> Yeah, I’m not buying it. I can’t think of a single use case where I
> would trust some unknown moderator to completely screen anonymous
> subscribers. You’d do well to think critically about how this would
> play out in reality. I still see it as Eternal September v2.

I think the exact opposite is more likely: almost no one joins the groups
after the initial enthusiasts.

The very specific problem that you (Bixby) have here, I think, is that you
have no obvious way to ease someone into the group. The encryption setup
makes it all rather all-or-nothing: either they can read and send messages
or they can't. (Yes, some people can leave them out of their list of
keys, but in practice very few people are going to want to micromanage
that.)

The advantage of traditional moderation is that you can let anyone read
and get a feel for the place, and then you can screen their first few
postings and make sure they understand the cultural norms. Then you can
transition them to autoapprove, but you can always go back to screening if
you need to. This works great for easing someone into the group and
watching out for bad behavior from someone you don't know yet.

Closed groups always have a stagnation problem because the barrier to
entry is high, and after a few bad experiences (particularly if it
requires a whole annoying thing to get someone out of the group again),
people stop wanting to take risks on new members.

--
Russ Allbery (eagle@eyrie.org) <https://www.eyrie.org/~eagle/>

Please post questions rather than mailing me directly.
<https://www.eyrie.org/~eagle/faqs/questions.html> explains why.