[gnso-rds-pdp-wg] On unauthenticated vs gated access (was Re: Reputation systems are not just nice to have)

[Andrew Sullivan]

On Tue, Oct 03, 2017 at 06:31:47PM -0400, allison nixon wrote:
> things they don't want to. We want to keep the available information
> public, not gated, for the same reasons why you described a "vetting"
> process as prone to problems.

I think the above creates a false dichotomy: either we have a gate on
access that vets people as "legitimate" or else everything is wide
open to everyone.

It seems to me, however, that a gated access system could quite
reasonably have an extremely liberal access policy, but one that still
knows who is doing what.  That is, if someone wants access to this
information, they need to say who they are and need to allow others to
know what they are doing.

The argument for this is quite similar to the argument that, if
someone wants to operate infrastructure on the Internet (e.g. domain
names), the Internet operations community has an interest in being
able to know who they are and how to contact them.  I see no
compelling reason why, if you want to use public infrastructure to
build a picture of which other people are operating infrastructure,
the operators of that infrastructure get to know who you are.

That doesn't mean the data gets less hard to learn.  But it does mean
that, if you want to get it, you need to let others know what you are
doing.  Then if your reputation gets bad because you do things you
shouldn't with that data access, your access can be removed.  Again,
this is just like the argument for what people do with reputation data
about domains and their operators.

Distributed operation via voluntary interconnection applies to
_everything_ on the Internet.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com