[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Integrating PGP 3.0 Library with INN
Hi,
Has anyone thought of integrating PGP 3.0 library with INN?
I was thinking along the lines of having PGPMoose support built
right into INN: if an arriving article is posted to a moderated
newsgroup for which a PGP key is available in the INN's keyring,
INN verifies existence and correctness of a PGP signature.
An article that fails this verification will be dropped.
Same thing can be used for authenticating newgroup and rmgroup
messages, in the spirit of true freedom on usenet -- anyone would
be sent _their own_ newgroups and rmgroups but no one will
be impersonated.
For those not familar with PGP Moose, it is a program that was written
by Greg Rose. It is used for signing approvals on usenet articles. It
takes message body, several important header fields, signs them with
PGP and places the signatures in the headers, in order not to clobber the
text.
If moderators choose short enough keys (512 bits for example), this
verification will not take any significant amount of CPU time.
igor