1996-08-05 - Integrating PGP 3.0 Library with INN

Header Data

From: ichudov@galaxy.galstar.com (Igor Chudov)
To: ggr@usenix.org
Message Hash: 1e3832254b80cc3cffdfce4c8e7a7e05aca5b2d447fe1a72e0aaef3e4f2d25fc
Message ID: <199608051829.NAA19030@galaxy.galstar.com>
Reply To: N/A
UTC Datetime: 1996-08-05 21:46:10 UTC
Raw Date: Tue, 6 Aug 1996 05:46:10 +0800

Raw message

From: ichudov@galaxy.galstar.com (Igor Chudov)
Date: Tue, 6 Aug 1996 05:46:10 +0800
To: ggr@usenix.org
Subject: Integrating PGP 3.0 Library with INN
Message-ID: <199608051829.NAA19030@galaxy.galstar.com>
MIME-Version: 1.0
Content-Type: text


Hi,

Has anyone thought of integrating PGP 3.0 library with INN? 

I was thinking along the lines of having PGPMoose support built
right into INN: if an arriving article is posted to a moderated
newsgroup for which a PGP key is available in the INN's keyring,
INN verifies existence and correctness of a PGP signature.

An article that fails this verification will be dropped. 

Same thing can be used for authenticating newgroup and rmgroup
messages, in the spirit of true freedom on usenet -- anyone would
be sent _their own_ newgroups and rmgroups but no one will
be impersonated.

For those not familar with PGP Moose, it is a program that was written
by Greg Rose. It is used for signing approvals on usenet articles. It
takes message body, several important header fields, signs them with
PGP and places the signatures in the headers, in order not to clobber the
text.

If moderators choose short enough keys (512 bits for example), this
verification will not take any significant amount of CPU time.


igor





Thread