I'm not sure this is the proper forum for this thread but it is something I have interest in. I also ran one of the early usenet nodes. One of the shames of usenet is that it was quite useful at one point and then it's signal to noise ratio went so far down it was unusable. Mailing lists such as this one did slowly take over as venues for people to talk about things around a subject but if you were and are always at the subject to the owners of the list. Get "out of line" and you get ejected from the list. Finding somehow the balance such that you can have a completely distributed and open system that never gets spammed and only has high quality content is difficult. I'm not sure it's an insolvable problem but it's not an easy one. I don't know how many people have noticed this but one of the biggest things that seems to go untalked about isn't crypto, it's IDENTITY. Anyone can create a gpg key, but knowing that this person is a real person is more difficult. Knowing that two (or more) different posters are the same individual is even harder. Have any of you noticed many providers now link your id to a mobile number? It's under the auspices of better security, 2 factor authentication. This is true, but it's also the way they attempt to tie you to a real and single person. Sure you can get around that by having multiple numbers but there is a practical limit to that, most people don't. The problem with identity is that there's just so many to choose from. Google has theirs. Facebook has theirs. Github theirs. Almost always tied to your email address (in fact, I can't think of any that are not off the top of my head). Many of these Identites are tied to your mobile number behind the scene. Of course you could have more than one number. What we don't have is an internet standard on identity that is not tied to a single vendor or tied to your email address which might change. Such things are in the works though. I have read about iden3 https://iden3.io/ and DIF https://identity.foundation/. I have seen others as well. If it's not obvious why a decentralized identity is important, without some identity that you own (as opposed to google or facebook being your identity provider), you are not in control with what happens to information about you. You should be able to identify yourself without, say, having to give a site your mobile number, your birth certificate, a scan of a government ID...etc. In my opinion, a decentralized identity is one of the next big things that will happen on the internet. gpg/pgp and getting someone else to sign your key, or getting an x509 client certificate, these are not really idea solutions, but it's what we have today. (x509 is really a format and not an identity, but it's not really used as a global identity today, I am not exactly being fair by this comparison). What does this have to do with the subject of usenet and open forums and even fighting spam? Franky everything. Once you have an identity, people can sign posts with their identity and you can be reasonably assured that they are from a real person. You can be reasonably assured that two different posters are not sock-puppeting one another. You can be assured of the source of the news. When only real people can post, you shouldn't have any bots. IDs that are stolen can be revoked. All of these things go a long way to making the net more usable, more sane, and yes, more free. This sort of identity does not mean you can't be anonymous. Different sites can require different levels of identity. One site may let you post completely anonymously as long as you have an identity proving you are a real person. Another site could go further and require you use your real name and be a real person. So this isn't about being anonymous. Lastly, we have email which is store and forward messaging really one to one messages and we do mailing lists on top. Email is not owned by any company. There have been some attempts over the years to create something like distributed chats (instant messages). But so far, other than usenet, there are very few. IRC is centralized per server. The most recent one I have seen which looks really promising is Matrix. It's completely distributed, not run by a company, similar to email. It's still young though, it looks promising. It is not linked to any sort of real identity. Your matrix id is like an email address but nothing stops you from having multiple matrix IDs. This is probably a very touchy subject. These are my opinions. Your welcome to tell me I'm wrong, feel free to contact me off list. Michael Grant
Attachment:
signature.asc
Description: PGP signature