From: Bryce <wilcoxb@nag.cs.colorado.edu>
Date: Wed, 7 Feb 1996 10:50:54 +0800
To: declan+@cmu.edu
Subject: Web Page Authentication (was: Anti-Nazi Authentication)
In-Reply-To: <199602060545.QAA12048@sweeney.cs.monash.edu.au>
Message-ID: <199602070204.TAA14469@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 An entity calling itself Jiri Baum 
 <jirib@sweeney.cs.monash.edu.au> probably wrote:

> Hello Rich Graves <llurch@networking.stanford.edu>
>   and bryce@colorado.edu
>   and "Declan B. McCullagh" <declan+@cmu.edu>, cypherpunks@toad.com
>  
> > On Fri, 2 Feb 1996, Bryce wrote:
> ...
> > For the paranoid, it would be an added assurance that they are reading the
> > original file at the original location. Otherwise, anybody could copy the
> > Web page, modify it, and give it someone else's PGP signature. 
> ...


No I didn't.  That was Rich I think.


> So? I guess it's plagiarism, but there's nothing you can do about it
> anyway. If someone wants to claim your words, let them sign.


What *I* wrote was some ways that you *could* do something
about it, namely PGP clearsigs and and timestamps.  I have
the disheartening impression that my e-mail hasn't been
delivered properly for the last couple of weeks.  That, or
nobody is listening to me.


> One other thing - what about inline images?
> 
> I guess you could put an MD5 hash of the image into the IMG tag,
> as a new attribute (you don't necessarily want to sign each of the
> images separately).
 

That's a good idea.  Of course you already have signed the
URL, which is supposed to be universal.  However someone
*could* hijack the http requests and shove the wrong images
into your "PGP signed" document.  This could stand some more
thought.  I like your MD5 idea, but that isn't as easy to
implement and distribute.


Most graphic file formats can have inert embedded comments.
We could stick the URL at which the file should be found,
along with a whole PGP sig of that URL and the graphic
data.  Then, since we have that URL signed, and we have the
URL for the inline image in the html file signed, we can
match the two together and be safe except for some really
funky replay attacks.  (Which you can avoid by never storing
a file at an URL which once held a different file.)


Hm.  Your MD5 hashes sound like a better idea.  :-)


> I'm not sure how to do links, but I guess for the time being you'd
> leave them unsigned, with a disclaimer or something on the signature file.


Umm..  Hm.  What do you mean?  The text of the hrefs would
be signed since it is part of the html document.  Hopefully
it would be intuitively obvious to the most casual user that
if you are reading a file signed by X, and you click on an
URL and go to another file, that the new file is not
necessarily signed by X.  :-)


> Have a look at http://www.cs.monash.edu.au/~jirib (my home page).
> Is that more-or-less what you have in mind?


Nice!  If you want you can have copies of the graphics in
"http://www-ugrad.cs.colorado.edu/~wilcoxb/images/pgpcheck".


I think they should say "signed" rather than "verified"
since they haven't been verified until the user actually
runs PGP on them.  Let me know if you want variations on the
images there-- I'll cook them up and give them to you.


Sorry for snapping at you at the beginning of this message--
I'm was just in a bad mood and I hate having things
mis-attributed to me.


Regards,

Bryce

                 "Toys, Tools and Technologies"
  the Niche 
        New Signal Consulting -- C++, Java, HTML, Ecash
            Bryce 
 
PGP sig follows



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMRgIZPWZSllhfG25AQHvBQP+LHZRIeNPujzmooJMOLHnmvnojtQNGzNe
ttYUykeS47wT/ack2TS0pD3oYrvu0vUsD7A2dMON0rgDlzsx/GMIcteqFxE0Hkg/
64SLl9JO+SI43/1MU0hBI3PJppOzIIzxtQaWvIQbBz5zajDf8I60Fe69KK91q5sj
Q6c871kjtV4=
=dDpO
-----END PGP SIGNATURE-----