- Affected components: MediaWiki core, CheckUser extension.
- Engineer for initial implementation: TBD.
- Code steward: TBD.
The existing method of attributing edits from anonymous users to their current IP address seems inadequate. Because:
- Exposure of a user's IP address to the public is a privacy problem (e.g. prosecution by a repressive regime, public embarrassment, stalking and harrassment, revealing real-world identity and location; see also Exposure of user IP addresses.)
- Edits from the same anonymous session cannot reliably be found by other users, due to varying IP addresses. This makes makes it difficult to review content and deal with on-wiki abuse. ("User contributions", and user blocking).
- The user cannot easily find their own edits. ("My contributions").
- The user cannot reliably communicate to others, or be communicated with, or receive notifications ("the talk page problem").
IP addresses change regularly for various reasons:
- IPv6 users regularly change IP addresses due to SLAAC (even when their location does not change).
- Mobile users regularly change IP addresses when moving closer to another cell tower.
- Users regularly change IP addresses when switching between networks (cellular to WiFi and between WiFi, e.g. home WiFi, cellular, train WiFi, office WiFi).
Also, when an IP editor is asked to register and does so, they get detached from their former contributions.
(Specify the requirements that a proposal should meet.)
- Edits by unregistered users are attributed to an identifier that is not based on personal information (such as IP address or Geo location).
- Edits by unregistered users are attributed to an identifier that remains consistent within a browser session.
Attribute edits by unregistered users to a session ID instead of the current IP address.
- What will the session ID be based on?
The first IP address used during that session.(Rejected, per privacy reasons)
- Auto-increment? UUID? Random? Random human-readable (e.g. diceware)?
- To what extend should these sessions act like real account?
- Should these be convertible to real accounts? If so, under what circumstances do we allow that, and how would that work?
- How can anti-abuse tools and workflows be adapted?
- Solves T152462: Add cookie when blocking anonymous users.
- Reduces talk page fragmentation for IP users (too many talk pages for the same user).
- Reduces accidental talk page sharing for IP users (too many users for the same IP over time). – T16396: Clear new messages flag for anonymous users after a few months
- Improves other aspects of IP-blocking.
- Makes it easy to solve T12957: Allow logged in user to reclaim previous anon edits.
- Makes it easy to solve T58828: Provide access to Notifications for anonymous users.
- RFC T95144: Exposure of user IP addresses (mediawiki.org)
- RFC T171382: IPv6 contributions and talk pages (mediawiki.org)
- T112325: Have one aggregated talk page for ipv6 /64
- T26294: Should block IPv6 addresses at /64 instead of /128