Few months ago,I started a
thread about how bitcointalk collect logs,IPs etc..
@theymos suggested a solution,to implement a public-key-registration system in order to let users who are registered within this system avoid IP logging.
I don't like that IPs are sometimes kept indefinitely. To prevent abuse, it would probably be sufficient to keep them for ~6 months. But keeping these logs long-term is extremely useful for account recoveries. I've been thinking about this issue, and I think that in the future I might let users opt out of long-term IP logging if they have a public key registered in a (currently-not-existing) public-key-registration system. Though, again, even then you should model this site and all sites as keeping complete logs.
@theymos I know you are busy,but please don't forget this.
I don't understand why theymos said there in that quote that keeping IP logs is extremely useful for account recoveries. Most hackers will just use Tor or a VPN to log in, and most people will also use VPN and Tor to browse this site, that is, if they know what they are doing, because I doubt people use their real IP's here, a place with tons of scammers trying to dox each other and so on. (maybe im missing the point and he is talking about something else, I haven't looked at the context of the quote)
The recovery system is a mess, big backlog of people still waiting to get their accounts recovered after delivering sufficient cryptographic proof via signing a message with a BTC address as they request. Yet, 99% chances are neither theymos or cyrus will look at your thread.
I like how that system sounds, however it must be automated for account recovery or else hire more people to make the process faster.