Chris Steipp wrote:
I think there may have been some progress on this since the last time it was brought up, since we now have OAuth in place. It might be a way to help bridge this gap.
I was talking with Tom Lowenthal, who is a Tor developer. He was trying to convince Tilman and me that IPs were just a form of collateral that we implicitly hold for anonymous editors.
Explicitly, no? We actively record and retain the associated IP address indefinitely if a user makes an edit without logging in. If those edits are disruptive, there's usually a permanent public record.
The collateral idea is interesting, though it should really be "verifiable collateral," I believe. You have to round-trip with the mobile number, e-mail address, credit card number, etc. to ensure that it's legitimate. Spoofed IP addresses (whether through open proxies or Tor) are generally disallowed due to the abuse vector, presumably in part because of the weak verifiability of IP addresses as compared to other forms of identification.
And then of course there are projects like the XFF project, which, like the Tor exemption, seek to strike a balance between liberty and anarchy. Lar used to say that you could nearly eliminate socking if you required everyone to verify with a credit card. Which is true, but....
Given the current rewrite of the privacy policy, it may not even be possible to collect other forms of identification without a Board resolution. Everyone will read the draft privacy policy's "we try to collect as little as possible" language differently, though.
At Wikimedia's size, any potential collateral solution is proportionately difficult to scale and secure. Wikimedia gets a lot of requests, so it would subsequently be verifying a lot of data (we already send out X e-mails per day and growing). In terms of security, you have to prevent the verification system from abuse. Similar to how the donation system has been used to make it easier to steal credit cards, mobile phone number and other types of verification can make nefariousness easier. So you need to implement hard and soft rate-limiting and other anti-abuse mechanisms. Bleh.
MZMcBride