
Re: PGP posting validation



-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 15 Jan 1994, Philippe Nave wrote:

> Here's my two cents' worth- how about a filter on incoming mail to the list
> that performs these functions:
>   1) check the incoming post for a PGP signature
>   2) If a sig is found, check it against the list's public keyring

	2a)  Make sure that as part of the sign up procedure, the 
		subscriber's public key is also provided.

>   3) If the key matches, pop a line like "X-PGP-Keycheck: user so-and-so"
>      into the posting
>   4) If the incoming message already has a "X-PGP-Keycheck:" line in it, 
>      drop that line off - somebody's trying to spoof us

also:
	4a)  Make sure the line pointing out that it was validated is part
		of the message, and not the headers, because some newsreaders
		have a nasty habit of dumping headers that aren't recognized,
		or making them very difficult to find (you have to 
		remember to switch to full headers for pine, for example.)
		I would think that a line added to the end of the message
		as a trailer would work dandily.

	5)  If there is no PGP signature, the message is bounced back to 
		the originating address.  Yes, this might bounce to a 
		non-existent one, but if [email protected] is trying to fake a 
		message from [email protected], [email protected] would find out 
		about it then.  Also, make sure the reply-to: header is
		set so that messages bouncing due to a non-existent address 
		do lead to a loop.

> For those 'punks who can/will sign their messages, this would provide a simple
> 'reputation check' visible to all recipients. For others, postings would flow
> through the system exactly like they do today, vulnerable to spoofs and so on.

Of course, there is the question of the reliability of the automated 
reposter... :-)

> My main concern is that we get a filter online that is secure but simple.
> Programmers (myself included) will want to launch off and devise some 
> horrendously complex PGP empire right away, but it would probably be smarter
> to start small.

Keep it simple and functional, IMHO.

____        Robert A. Hayden          <=> [email protected]
\  /__          -=-=-=-=-             <=>          -=-=-=-=-
 \/  /   Finger for Geek Code Info    <=> To flame me, log on to ICBMnet and
   \/  Finger for PGP 2.3a Public Key <=> target 44 09' 49" N x 93 59' 57" W 
- -=-=-=-=-=-=-=-
(GEEK CODE 1.0.1)  GAT d- -p+(---) c++(++++) l++ u++ e+/* m++(*)@ s-/++
		       n-(---) h+(*) f+ g+ w++ t++ r++ y+(*)


-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLTjjG53BsrEqkf9NAQFDlQP+OeDUULpjOMJUxa7dRzf9se5SQL9Eln+f
ZYh8HN7U9phUdroD6n2ta3b6v+hYkNtI6n2DGFtjOLtygxbwH1M8JAkZAFin78zC
Kz8kkRolAxaHTjgRjFRXcyWPxUopDO57+Q+HYcOKJL3AwJa30cDvDmBjvGcXeXSs
UQFQxM4VHf0=
=5NNa
-----END PGP SIGNATURE-----
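
The filter steps discussed in this message (1 through 5, with 4a), as an added Python example that is not part of the original post. The `verify` hook, `LIST_OWNER`, and the sample message are assumptions; a signature that fails the check is bounced like a missing one, and forged marker lines are stripped from the body as well as the headers because 4a moves the marker there.

```python
import re
from email import message_from_string
from email.message import Message

KEYCHECK = "X-PGP-Keycheck"
LIST_OWNER = "list-owner@example.org"   # assumed address, not from the post
SIGNED = re.compile(r"-----BEGIN PGP SIGNED MESSAGE-----.*?"
                    r"-----END PGP SIGNATURE-----", re.S)

def filter_post(raw, verify):
    """Return ("post" | "bounce", Message).

    verify(clearsigned_text) -> signer id or None. It is a hypothetical hook
    standing in for the check against the list's public keyring (step 2).
    """
    msg = message_from_string(raw)
    del msg[KEYCHECK]                      # step 4: drop sender-supplied header
    body = msg.get_payload()
    block = SIGNED.search(body)            # step 1: look for a signature
    signer = verify(block.group(0)) if block else None
    if signer is None:                     # step 5: bounce to the originator
        bounce = Message()
        bounce["To"] = msg.get("From", "")
        bounce["Reply-To"] = LIST_OWNER    # replies go to the owner, not the list
        bounce["Subject"] = "Post rejected: no valid PGP signature"
        bounce.set_payload("Your post was not distributed.\n")
        return "bounce", bounce
    # The marker lives in the body (4a), so forged body markers must go too.
    kept = [l for l in body.splitlines()
            if not l.strip().lower().startswith(KEYCHECK.lower() + ":")]
    # Steps 3 and 4a: the filter's own line is the trailer, after the signature.
    kept += ["", f"{KEYCHECK}: user {signer}"]
    msg.set_payload("\n".join(kept) + "\n")
    return "post", msg

# Constructed sample: forged header and forged body marker around a signed block.
SAMPLE = """From: alice@example.org
Subject: test
X-PGP-Keycheck: user root

-----BEGIN PGP SIGNED MESSAGE-----

hello list
-----BEGIN PGP SIGNATURE-----
(constructed placeholder, not a real signature)
-----END PGP SIGNATURE-----
X-PGP-Keycheck: user root
"""

def demo_verify(text):
    # Stand-in for the keyring check: no cryptography happens here.
    return "alice@example.org" if "hello list" in text else None
```

Verification runs on the body as received, before any marker lines are removed, so a legitimately signed post is not rejected by the filter's own edits.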