1993-10-23 - Re: ADMIN: proposed new policy

Header Data

From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
To: cypherpunks@toad.com
Message Hash: aa66e140bd98296713d43b5cb3d9ddf2629e1321e17239fcf9e6fda17d1013b2
Message ID: <9310232303.AA26424@flammulated.owlnet.rice.edu>
Reply To: N/A
UTC Datetime: 1993-10-23 23:03:28 UTC
Raw Date: Sat, 23 Oct 93 16:03:28 PDT

Raw message

From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
Date: Sat, 23 Oct 93 16:03:28 PDT
To: cypherpunks@toad.com
Subject: Re: ADMIN: proposed new policy
Message-ID: <9310232303.AA26424@flammulated.owlnet.rice.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 2001,MIC-CLEAR
Originator-Name: klbarrus@owlnet.rice.edu
Originator-Key-Asymmetric:
 MFkwCgYEVQgBAQICAgADSwAwSAJBAM7KsFv7Dch7fCAN7eOwlL+AEL9XpkiLjf8x
 buBLdKhVttUO5OeycOBNOcJPCqwb1/GYKXwrni6+eck4kmImV7kCAwEAAQ==
MIC-Info: RSA-MD5,RSA,
 vEhLgb41mGdbMVTerMqViYmrSV7GwytHvfR1Iu9mrjBIUaxdpS6PypMitxiciJWC
 hOThe6DXSTfUU6aQ4CTAMA==

I like the idea of encouraging people to digitally sign messages.  I
also decided to try out ripem to see what its signed documents look
like.

I can't decide whether not people who don't should be "punished" by
having messages delayed... it is an inducement, but not too drastic.

We have an infrastructure problem: some crypto portions are in place,
some aren't, some are being developed.  Matt asked why he would want
to check the signatures on some posts... in the future, you won't have
to do anything extra since your mail software will do it for you.  Of
course, this will also help to screen anonymous mail - a person could
build a reputation for a pseudonym and your mail software will report
who signed it rather than where it came from.

So for some, it's convenient to sign posts, for other it isn't.  Maybe
unsigned posts could reflect out of toad.com with a header - something
like "X-Signed: not authenticated".  Rather than delay them, that is.

Also, another Matt asked how to use PGP to sign documents:

pgp -sat +clearsig=on file

You can specify this in config.txt also.

If you are using RIPEM:

ripem -e -m mic-clear < file > file.sign

Ray's solution for people fearing having their secret keys on a public
machine is perfect!  Just create another, for signing cypherpunk
postings.
-----END PRIVACY-ENHANCED MESSAGE-----





Thread