Comment Systems

Michael Stone, April 10, 2011, , (src)


Comment Systems

These days, I mostly write to work out the consequences and limitations of my ideas and to stimulate conversation on topics of interest to me. As a result, I am deeply interested technologies like email, wikis, collaborative editors, and web sites that can be used to facilitate written conversation. Unfortunately, I have not yet found a comment facility that meets my aesthetic standards for software design. Here are some reflections on what I’m looking for…

The Problem

Comment systems need to provide affordances for leaving comments, for moderating comments, and for reading comments while simultaneously protecting moderators and readers from dangerous inputs, from spam, and, when possible, from threats to availability and integrity.

The Approaches


Since I already have semi-adequate tools for handling email, it would be nice to be able to reduce the “comment system” problem to the previously solved problem of carrying on conversations in that medium. In particular, I had hoped I would be able to make use of the mailto URI scheme (along with other pre-existing mailing list software) to make it easy for would-be commenters to engage with me by including in each page a mailto link with body set to the plain-text source of the page. Unfortunately, the maximum length for mailto URIs is far too short – less than 2K.

Web-server Logs

Since my web-server already logs requests, it would likely be straightforward to arrange to for comments written in a comment-form to be transmitted to me as query-string arguments appended to an easy-to-grep-for URL. This approach has the appealing advantage of letting me fall back on my web server’s log-rotation facilities. Unfortunately, it would also require web-server specific processing code and it would probably wind up mixing my comment stream with a bunch of unrelated data.

Third-Party Hosted Services

There are several contemporary hosted services (operated by by third parties like Disqus) which I might be able to incorporate into my site, if I were willing to agree to their Terms of Service and if I were willing to expose my visitors to whatever content my “partner’s” servers decided to supply. However, since I have no personal relationships with any of the operators of these services, I have trouble convincing myself that I’ll be happy with this option in the long term.

Existing Comment Systems

Similarly, if I were willing to put up with the quirks, run-time requirements, and security records (wordpress CVEs) of existing comment systems, then I’d be all set. (Sigh.)


Add approaches based on seccomp, selinux, fresh partitions (or loopback-mounted files), and dependent types.