1993-10-25 - Re: ADMIN: proposed new policy on the mailing list

Header Data

From: pierre@shell.portal.com (Pierre Uszynski)
To: cypherpunks@toad.com
Message Hash: dbd55cd89f8c8cfaa0ff9e1e8a61b67d387a08692f737e90b59dd7c3cb801a35
Message ID: <9310250802.AA19739@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1993-10-25 08:03:41 UTC
Raw Date: Mon, 25 Oct 93 01:03:41 PDT

Raw message

From: pierre@shell.portal.com (Pierre Uszynski)
Date: Mon, 25 Oct 93 01:03:41 PDT
To: cypherpunks@toad.com
Subject: Re: ADMIN: proposed new policy on the mailing list
Message-ID: <9310250802.AA19739@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP UNSIGNED MESSAGE-----


I'll vote yes to the amended policy proposal

> "make something that looks like a signature, or else".

While I tend to agree with the general argument presented in favor,
I'll also agree that there are several problems with it:

- Yes, it's too easy to circumvent the policy by cutting and pasting
something that looks like a signature (more or less :-)

- Even then, the 6 hour delay is not that much trouble when you are
actually building a discussion, and not flaming... So it would be
more like "if you want to flame, you better spoof"... hmmm :-( 

So, all in all, there is not that much incentive added to using signatures.
I think any is better than even less, so I'll still vote "yes"... at least
as an experiment...

But here are some more ideas:

1) have the mailing list relay insert disclaimers according to what it
recognized:

> remailer: This message wholly un-authenticated. The identity info
> presented in this message could have been faked by a 6 year old.
> Use digital signatures.

or,

> remailer: This message digitally signed. The pseudonymous identity
> used may have no relation with any Real Life Person.

or,

> remailer: This message digitally signed. Signature checked to match
> previous uses on this list by this pseudonym.

or,

> remailer: This message's digital signature does not match previous
> uses on this list by this pseudonym. This will be -version 2- of this
> pseudonym.

2) Campaign so that users of this list include "security disclaimers"
whenever they post or email on the net. That could be a sig or a header
line, such as "The identity info in this post could have been forged by
a six year old. Do not trust it. Use digital signatures."

3) To make it more obvious that the From: field can say just about
anything, use the "National Enquirer" headline generator that was
posted on the net to replace the incoming header:

>From: Diform Flying Saucer Throws Giant Tomato on the Pope

Maybe then, people will take that header less seriously...

Pierre (who?)
pierre@shell.portal.com

-----BEGIN PGP UNSIGNATURE-----
Version: 2.4

iQBFThIsMayHAVEBEEnarealsiGNatUre, IFi   onlYHaDEvERYthiNginPlace
toCheCKINcOmINGSigsTOO. :-)
=Bof
-----END PGP UNSIGNATURE-----






Thread