rfc2057.txt

中、英文RFC文档大全打包下载完全版 .


RFC 2057             Source Directed Access Control        November 1996


   For moderated newsgroups, all messages to the newsgroup are forwarded
   to an individual who can screen them for relevance to the topics
   under discussion.  The screening process, however, does not increase
   the ability of the original speaker to control who receives a given
   message.  A newsgroup moderator has as little control as the original
   speaker over who receives a message posted to the newsgroup.

   Based on the current operations and standards of the Internet, it
   would be impossible for someone posting to a USENET newsgroup to
   screen recipients to ensure that the recipients were over 17 years of
   age.  Short of not speaking at all, I know of no actions available to
   a speaker today that would be reasonably effective at preventing
   minors from having access to USENET newsgroup messages.  Requiring
   such screening for any messages that might be "indecent" or "patently
   offensive" to a minor would have the effect of banning such messages
   from USENET newsgroups.

   A speaker also has no means by which he or she could require
   listeners to provide a credit card, debit account, adult access code,
   or adult personal identification number.  Each individual USENET
   server controls access to the newsgroups on that server, and a
   speaker has no ability to force a server operator to take any
   particular action.  The message is out of the speaker's hands from
   the moment the message is posted.

   Moreover, even if one hypothesized a system under which a newsgroup
   server would withhold access to a message until the speaker received
   a credit card, debit account, adult access code, or adult personal
   identification number from the listener, there would be no feasible
   way for the speaker to receive such a number.  Because a listener may
   retrieve a message from a newsgroup days after the speaker posted the
   message, such a hypothetical system would require the speaker either
   to remain at his or her computer 24 hours a day for as many as ten
   days after posting the message, or to finance, develop, and maintain
   an automated system to receive and validate access numbers.  All of
   this effort would be required for the speaker to post even a single
   potentially "patently offensive" message to a single newsgroup.

   Moreover, even if such a hypothetical system did exist and a speaker
   were willing to remain available 24 hours a day (or operate a costly
   automated system) in order to receive access numbers, not all
   computers that receive USENET newsgroups could reasonably transmit
   such access numbers.  Some computers that receive newsgroups do so
   only by a once-a-day telephone connection to another newsgroup
   server.  Some of these computers do not have any other type of
   Internet connection, and indeed some computers that receive USENET
   newsgroups do not even utilize the TCP/IP communications protocol
   that is required for direct or real time communications on the



Bradner                      Informational                     [Page 11]

RFC 2057             Source Directed Access Control        November 1996


   Internet.  These computers would have no means by which a prospective
   listener's access code could be communicated back to a speaker.

   It is my opinion that if this hypothetical access system ever were
   created, it would be so burdensome as to effectively ban from USENET
   newsgroups messages that might be "indecent" or "patently offensive."
   Moreover, the communications standards and protocols that would allow
   such a hypothetical access system have not as of today been
   developed, and no Internet standards setting body of which I am aware
   is currently developing such standards and protocols.  Specifically,
   such a hypothetical access system is not part of the "next
   generation" Internet Protocol that I helped to develop.

3.2.3  Internet Relay Chat.

   Another method of communication on the Internet is called "Internet
   Relay Chat" (or IRC).  IRC allows for real time communication between
   two or more Internet users.  IRC is analogous to a telephone party
   line, using a computer and keyboard rather than a telephone.  With
   IRC, however, at anyone time there are thousands of different party
   lines available, in which collectively tens of thousands of users are
   engaging in discussions, debates, and conversations on a huge range
   of subjects.  Moreover, an individual can create a new party line to
   discuss a different topic at any time.  While many discussions on IRC
   are little more than social conversations between the participants,
   there are often conversations on important issues and topics.
   Although I have not personally operated an IRC server in my career, I
   am familiar enough with the operations of IRC servers to be able to
   identify the obstacles that a speaker would encounter attempting to
   identify other participants and to verify that those participants
   were not minors.

   There exists a network of dozens of IRC servers across the world.  To
   speak through IRC, a speaker connects to one of these servers and
   selects the topic the speaker wishes to "join."  Within a particular
   topic (once a speaker joins a topic), all speakers on that topic can
   see and read everything that everyone else transmits.  As a practical
   matter, there is no way for each person who joins a discussion to
   interrogate all other participants (sometimes dozens of participants)
   as to their identity and age.  Because people join or drop out of
   discussions on a rolling basis, the discussion line would be
   overwhelmed with messages attempting to verify the identity of the
   participants.

   Also as a practical matter, there is no way that an individual
   speaker or an individual IRC server operator could enforce an "adults
   only" rule for a selection of the discussion topics.  Dozens of IRC
   servers are interconnected globally so that people across the world



Bradner                      Informational                     [Page 12]

RFC 2057             Source Directed Access Control        November 1996


   can talk to each other.  Thus, a speaker connected to an IRC server
   in the United States can speak directly to a listener in Asia or
   Europe.  There is no practical way that a speaker in the United
   States can be reasonably certain that a given IRC discussion is in
   fact "adults only."

   Nor can a speaker, prior to or at the time of joining an IRC
   discussion, ascertain with any confidence the identity of the other
   participants in the discussion.  Individual participants in an IRC
   conversation are able to participate anonymously by using a
   pseudonym.  A new speaking joining the conversation can see a list of
   pseudonyms of other participants, but has no possibly way of
   determining the real identify (or even the real e-mail address) of
   the individuals behind each pseudonym.

   Based on the current operations and standards of the Internet, it
   would be impossible for someone participating in a IRC discussion to
   screen recipients with a level of certainty needed to ensure the
   recipients were over 17 years of age.  Short of not speaking at all,
   I know of no actions available to a speaker today that would be
   reasonably effective at preventing minors from having access to
   speech in an IRC discussion.  Requiring such screening of recipients
   by the speakers for any IRC discussions that might be "indecent" or
   "patently offensive" to a minor would have the effect of banning such
   discussions.

4.0  Information Retrival Systems

   With FTP (or File Transfer Protocol), gopher, and the World Wide Web,
   the Internet is a vast resource for information made available to
   users around the world.  All three methods (FTP, gopher, and the Web)
   are specifically geared toward allowing thousands or millions of
   users worldwide to access content on the Internet, and none are
   specifically designed to limit access based on criteria such as the
   age of the Internet user.  Currently much of this information is
   offered for free access.

4.1 Anonymous FTP

   "Anonymous FTP" is a basic method by which a content provider can
   make content available to users on the Internet.   FTP is a protocol
   that allows the efficient and error free transfer of files from one
   computer to another.  To make content available via FTP, a content
   provider establishes an "Anonymous FTP server" capable of receiving
   FTP requests from remote users.   This approach is called "anonymous"
   because when a remote user connects to an FTP server, the remote user
   enters the word "anonymous" in response to the server's request for a
   user name.   By convention, the remote user is requested to enter his



Bradner                      Informational                     [Page 13]

RFC 2057             Source Directed Access Control        November 1996


   or her e-mail address when prompted for a "password."  The user is
   then given access to a restricted portion of the server disk and to
   the files in that area.  Even though the user may have entered their
   e-mail address in response to the password prompt, there is no
   effective validation or screening is possible using the FTP server
   software that is currently available.  Using currently available FTP
   software, a content provider has no way to screen access by
   "anonymous" users that may be minors.  Even if a content provider
   could determine the age of a particular remote user, the currently
   available FTP software cannot be set to limit the user's access to
   non-"adult" file areas.

   FTP server software can allow non-"anonymous" users to access the FTP
   server, and in that mode can require the users to have individual
   passwords that are verified against a pre-existing list of passwords.
   There are two major problems, however, that prevent this type of
   non-"anonymous" FTP access from being used to allow broad access to
   information over the Internet (as anonymous FTP can allow).  First,
   with current server software each non-"anonymous" FTP user must be
   given an account on the server computer, creating a significant
   administrative burden and resource drain.  If more than a limited
   number of users want access to the FTP system, the requirement of
   separate accounts would quickly overwhelm the capacity of the server
   to manage the accounts--the FTP server software was not designed to
   manage thousands or millions of different user/password combinations.
   Second, under existing FTP server software, each of these named users
   would have complete access to the server file system, not a
   restricted area like the anonymous FTP function supports.  This would
   create a significant security problem.  For these two reasons, as a
   practical matter FTP cannot be used to give broad access to content
   except via the anonymous FTP option (which, as noted above, does not
   allow for screening or blocking of minors).

   As discussed below with regard to the World Wide Web, even if someone
   re-designed the currently available FTP server software to allow the
   screening of minors, the administrative burden of such screening
   would in many cases overwhelm the resources of the content provider.














Bradner                      Informational                     [Page 14]

RFC 2057             Source Directed Access Control        November 1996


   Based on the current operations and standards of the Internet, it is
   not possible or practically feasible for someone operating an
   anonymous FTP file server to screen recipients with a level of
   certainty needed to ensure the recipients were over 17 years of age.
   Short of not operating an anonymous FTP server at all, I know of no
   actions available to a content provider today that would be
   reasonably effective at preventing minors from having access to
   "adult" files on the FTP server.  Requiring such screening by
   anonymous FTP server operators to prevent minors from accessing FTP
   files that might be "indecent" or "patently offensive" to a minor
   would have the effect of banning such anonymous FTP access.

4.2  Gopher.

   The gopher program is similar to FTP in that it allows for basic
   transfer of files from one computer to another, but it is also a
   precursor to the World Wide Web in that it allows a user to
   seamlessly jump from one gopher file server to another in order to
   locate the desired information.  The development of gopher and the
   linking of gopher servers around the worlds dramatically improved the
   ability of Internet users to locate information across the Internet.

   Although in many ways an improvement over FTP, gopher is simpler than
   FTP in that users need not enter any username or password to gain
   access to files stored on the gopher server.   Under currently
   available gopher server software, a content provider has no built-in
   ability to screen users.  Thus a content provider could not prevent
   minors from retrieving "adult" files.

   As discussed below with regard to the World Wide Web, even if the
   gopher server software allowed the screening of minors, the
   administrative burden of such screening would in many cases overwhelm
   the resources of the content provider.

   Based on the current operations and standards of the Internet, it is
   not possible for someone operating a gopher file server to screen
   recipients with a level of certainty needed to ensure the recipients
   were over 17 years of age.  Short of not operating a gopher server at
   all, I know of no actions available to a content provider today that
   would be reasonably effective at preventing minors from having access
   to "adult" files on a gopher server.  Requiring such screening of
   users by gopher server operators to prevent minors from accessing
   files that might be "indecent" or "patently offensive" to a minor
   would have the effect of banning gopher servers wherever there is any
   such material.






Bradner                      Informational                     [Page 15]