On Mar 11, 2015 2:23 AM, "Gergo Tisza" <gti...@wikimedia.org> wrote: > > On Tue, Mar 10, 2015 at 5:40 PM, Chris Steipp <cste...@wikimedia.org> wrote: > > > I'm actually envisioning that the user would edit through the third party's > > proxy (via OAuth, linked to the new, "Special Account"), so no special > > permissions are needed by the "Special Account", and a standard block on > > that username can prevent them from editing. Additionally, revoking the > > OAuth token of the proxy itself would stop all editing by this process, so > > there's a quick way to "pull the plug" if it looks like the edits are > > predominantly unproductive. > > > > I'm probably missing the point here but how is this better than a plain > edit proxy, available as a Tor hidden service, which a 3rd party can set up > at any time without the need to coordinate with us (apart from getting an > OAuth key)? Since the user connects to them via Tor, they would not learn > any private information; they could be authorized to edit via normal OAuth > web flow (that is not blocked from a Tor IP); the edit would seemingly come > from the IP address of the proxy so it would not be subject to Tor blocking. >
Setting up a proxy like this is definitely an option I've considered. As I did, I couldn't think of a good way to limit the types of accounts that used it, or come up with an acceptable collateral I could keep from the user, that would prevent enough spammers to keep it from being blocked while being open to people who needed it. The blinded token approach lets the proxy rely on a trusted assertion about the identity, by the people who it will impact if they get it wrong. That seemed like a good thing to me. However, we could substitute the entire blinding process with a public page that the proxy posts to that says, "this user wants to use tor to edit, vote yes or no and we'll allow them based on your opinion". And the proxy only allows tor editing by users with a passing vote. That might be more palatable for enwiki's socking policy, with the risk that if the user's IP has ever been revealed before (even if they went through the effort of getting it deleted), there is still data to link them to their real identity. The blinding breaks that correlation. But maybe a more likely first step to actually getting tor edits? _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
