From: drzaphod@brewmeister.xstablu.com (DrZaphod)
To: cypherpunks@toad.com
Message Hash: 06c0c8af5cfd5bcfb22599bea7053f93b381a32232c082d7ad02ed72495db06f
Message ID: <m0pLmWa-0003E2C@brewmeister.xstablu.com>
Reply To: <Pine.3.88.9401161724.A7721-0100000@krypton.mankato.msus.edu>
UTC Datetime: 1994-01-17 05:33:16 UTC
Raw Date: Sun, 16 Jan 94 21:33:16 PST
From: drzaphod@brewmeister.xstablu.com (DrZaphod)
Date: Sun, 16 Jan 94 21:33:16 PST
To: cypherpunks@toad.com
Subject: Re: PGP posting validation
In-Reply-To: <Pine.3.88.9401161724.A7721-0100000@krypton.mankato.msus.edu>
Message-ID: <m0pLmWa-0003E2C@brewmeister.xstablu.com>
MIME-Version: 1.0
Content-Type: text/plain
> > Robert A. Hayden [hayden@krypton.mankato.msus.edu] wrote:
>
> Just to verify, I followed up to a previous posting, it wasn't mine
> originally :-)
Yep.. sorry about the confusion.. I wiped the first msg.. and
only had your reply to go on.
Now on to the topic at hand.
> Please don't take this as confrontational (ie, this is not a flame :-)
I always associated flames with rash, unfounded accusations..
It's ok to confront.. |-]
> How would requiring that postings made to a list be verifyable be
> censorship? What it does is verify that REAL people posted the message
> and that the person who's address is on the message is actually the person
> that posted it.
No, verifying identities [even pseudonyms] is fine.. if you
trust THE LIST.. which is also fine.. but it does leave a gap.
[note: this filter approach is similar to the Clipper chip in that
it provides a [possibly] false sense of security -- if people
want to filter what they see, trust in themselves and don't
filter what other people see]
This also eliminates anonymous postings.
Well.. unless the filters are willing to let all messages that
are from people NOT registered with THE LIST thru..
> Now, granted, I suppose it could end up dumping some postings because
> they were forged, and that is sort of censoring. But it isn't censoring
> based on content, but based on the fact that it appears to be a forgery.
If THE LIST wants to tack on a little note at the top of
every msg saying "VERIFIED AUTHOR WITH LIST DATABASE" then fine..
but don't FILTER it.
> And by bouncing a message back to the person that posted it, you give
> them an opportunity to repost (this time signed) in case they forgot.
a warning from THE LIST, no less.
> Also, as for the filter idea. If some jerk is posting a message as
> appearing to come from schmuck@foo.bar.com, yes, I could add that address
> to my filter and delete it before i see it, but if the jerk starts
> posting as coming from idjit@bar.foo.com, I'd have to add another filter
> line.
If THE LIST can filter msgs by PGP sigs, then so can you. It
will be no more work for you.
> By doing a check of the digital signature against the posters public key,
> you eliminate most instances of forgery. Of course, if the poster's key
> is compromised, that's a different story.
By trusting validation to just HAPPEN to your incoming mail
on some remote location is ludicrous.
In conclusion. . .
All too often people want to patch a problem and have it go
away.. for everyone. Why don't we make the solution available to
everybody, not make the solution for everybody.
Nice chatting, Robert. I'm sure I'll be seeing more. TTFN.
> ____ Robert A. Hayden <=> hayden@krypton.mankato.msus.edu
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- DrZaphod #Don't Come Any Closer Or I'll Encrypt! -
- [AC/DC] / [DnA][HP] #Xcitement thru Technology and Creativity -
- [drzaphod@brewmeister.xstablu.com] [MindPolice Censored This Bit] -
- 50 19 1C F3 5F 34 53 B7 B9 BB 7A 40 37 67 09 5B -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Return to January 1994
Return to ““Robert A. Hayden” <hayden@krypton.mankato.msus.edu>”