From: "Rev. Mark Grant, ULC" <mark@unicorn.com>
Date: Tue, 12 Mar 1996 07:18:17 +0800
To: Nelson Minar <nelson@santafe.edu>
Subject: Re: anonymous web pages (Was: SurfWatch)
Message-ID: <Pine.3.89.9603111856.A446-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Mar 1996, Nelson Minar wrote:

> I proposed this a couple of months ago, there should be a bit of
> discussion left over in the archives. My idea was to have an account
> keyed to a password - if you emailed the server with the right
> password, it would take the text of your email and put it in the
> specified URL. Then you can use remailers to preserve anonymity with
> the server. It's sort of like the alias.c2.org accounts.

I have something like that (not yet finished or released). I run a mailbot
which accepts mail to a unicorn.com address and allows remote updating of
my WWW tree (and a lot of other things, e.g. mailing lists, multiple
mailbox support, etc). It just checks the PGP signature matches the www
key in my PGP keyring, and performs the update if it does. 

Most of the interest I've had in the release version was from people who
wanted remote updates of their non-anonymous sites by email, but it could
easily be used for anonymous accounts. Much more secure than just using a
plaintext password (of course neither are secure if someone can log into
your account, but if they can do that, they can modify your Web pages
directly). 

	Mark