Re: REPOST : Un-forgeable Cancels
[email protected] writes:
> Any comments/glaring weaknesses that I have missed?
Well, you missed crediting guys named Franz and Huusinen with proposing this
exact scheme a couple of years ago. You also missed my discussion on how to
allow the local admin to issue cancels as well.
I used to think this scheme is very cool. Later I realized it had a serious
problem with forgeries in one's name.
Suppose X forges an article in Y's name, and specifies a cancel lock; then
Y can't cancel this forgery.
The retraction server which David is reported to be working on doesn't
rely on passwords to authenticate Y; if Y can demonstrate the ability
to receive a cookie sent to Y, then the server can issue a signed 'hide'
NoCeM for an article that purports to be from Y. Works for forgeries too.
---
Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
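
The forgery problem raised in the message above, as an added example that is not part of the original post: a toy news server in Python that honours a cancel only when the cancel reveals the secret behind the article's lock. It assumes the lock is a SHA-256 hash of a poster-chosen secret (the message does not state the hash or header format), and every name, address and message-id is constructed.

```python
import hashlib
import hmac
import secrets


def make_lock(secret: bytes) -> str:
    """Lock carried in the article: a hash of the poster's secret (assumed SHA-256)."""
    return hashlib.sha256(secret).hexdigest()


class Spool:
    """Toy server: a cancel succeeds only if hash(key) equals the stored lock."""

    def __init__(self):
        self.articles = {}  # message-id -> (claimed From, lock)

    def post(self, msgid: str, claimed_from: str, lock: str) -> None:
        # The server cannot verify the From line; it stores whatever lock arrives.
        self.articles[msgid] = (claimed_from, lock)

    def cancel(self, msgid: str, key: bytes) -> bool:
        _claimed_from, lock = self.articles[msgid]
        if hmac.compare_digest(make_lock(key), lock):
            del self.articles[msgid]
            return True
        return False


def demo() -> dict:
    spool = Spool()
    y_secret = secrets.token_bytes(16)  # known only to Y
    x_secret = secrets.token_bytes(16)  # known only to X
    real, forged = "<real@example.invalid>", "<forged@example.invalid>"
    # Y posts an article; X posts one that claims to be from Y but uses X's lock.
    spool.post(real, "y@example.invalid", make_lock(y_secret))
    spool.post(forged, "y@example.invalid", make_lock(x_secret))
    return {
        # What the scheme is for: someone without Y's secret cannot cancel Y's post.
        "stranger_cancels_real": spool.cancel(real, x_secret),
        "y_cancels_real": spool.cancel(real, y_secret),
        # The weakness: Y's secret does not match the lock X attached.
        "y_cancels_forgery": spool.cancel(forged, y_secret),
        "forgery_still_present": forged in spool.articles,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The lock binds the cancel to whoever chose the secret, not to the name in the From line, which is why the message points to proof of mailbox control as the check that also covers forgeries.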