James Hess wrote:
it has been shown that some clients and scripts assume a user's address can never change without the user quitting and returning. Perhaps that assumption is flawed, but it is what is. At least cycling helps ensure their address lists stayed syncd.
The simple fact is... the _very_ small number of clients and scripts that assume that, can be allowed to keep on their way with their flawwed assumption.
Even when the assumption is wrong.. there can be made to be no impact in almost all cases, the "brokenness" is non-fatal.
Let's forget about modern stateful clients for a moment, and go back to basics: /ignore. You're suggesting a situation that will result in a user /ignoring someone in a channel, then having unwanted content from them suddenly show up with no indication as to the reason. /ignore isn't just some feature that came along; it was the result of a need for content control with a minimum of administrative and ethical issues. The problem and various solutions are still debated occasionally, but full hosts and /ignore for host-based wildcard masks (along with channel bans) were added in lockstep by the developers of both the ircd and client at the time. The immutability of hosts during a session on IRC isn't a "flawed assumption" cooked up recently by a handful of people, it is something that was baked into IRC from the beginning, and something that very many implementors have implicitly understood since then. /ignore is not implemented and used by a "_very_ small number of clients and scripts". End users rely on it not silently failing for inexplicable reasons.
I'm saying "to hell with their assumptions"; as long as they are not crashing or blowing up, the limited number of users utilizing masking mitigates any effect.
Based on what I've seen, hostmasking is considered an almost universally desired feature and is rarely *unused* on networks that offer it as an option. Why do you think it will only be used by a minority? Why do you imply that minority will have no effect on others in the same channels? And the question remains: what practical use does realtime hostmask toggling actually have?
Some people won't want to be masked.
Just like some people don't want to be +i. Their friends can't find them with /WHO
I believe the usefulness of that of that particular approach was lost to spambots a decade ago; I would be interested in even anecdotal evidence that WHO is used by someone, somewhere to find his or her friends on a regular basis. It is also much less likely to be helpful on networks offering registration systems (like DALnet). People who don't use +i currently make up less than 0.3% of DALnet's userbase. It would be interesting to see numbers from networks implementing default-but-optional anonymous hostmasking with a significant userbase.
It *WILL* cause immediate issues if forced or made a default. Some users who didn't ask for or want to be masked will be unhappy..
If making masking a non-default prevents that, it is a reasonable tradeoff to allow a reasonable relatively non- disruptive adoption of masking (compared to forcing everyone into it at once).
That isn't the only part of the tradeoff, as there are long-term disadvantages to making hostmasking optional at all. The closest thing to a practical reason for making hostmasking optional that I've seen mentioned so far is that it will require people to update various access lists, but this will happen for any client that chooses to use hostmasking anyway. It is also a short-term problem that will only occur during a transition period. You believe that a minor reduction to disruption in the short term is worth the long-term problems of a complex implementation that is more open to abuse and unhappiness, even if the options that created that complexity are no longer significantly used?
It is best to stage changes such as this. Let users who want masking be the only ones to use it at first. At a future version, once users are comfortable with masking, consider making it the default.
My impression is that a great many users are already comfortable with hostmasking, since it has been available elsewhere for a long time and is apparently being considered here due to user demand. It is known to the majority of people as a security feature, and appears to have rapid adoption wherever it is introduced. -- Quension