[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Need PGP-awareness in common utilities



[email protected] wrote:
> I really don't see why programs like majordomo, UseNet
> moderation-bots, and most noticeably the PGP key distribution
> program are PGP-unaware.

My moderation bot STUMP is not only PGP-aware, it is also doing
a lot of PGP-related things. Among them: 

1) For posters who voluntarily chose additional protection, STUMP allows
only messages with a valid PGP signature to be posted. All posts from
these people that do not have a PGP sig or have an invalid sig, are
automatically rejected. It protects them from forgeries.

2) All exchange between my modbot and human moderators is PGP-signed
(and encrypted when necessary), to insure integrity of moderation
email traffic.

3) All message approved for posting to usenet get signed with Greg
Rose's PGPMoose program.

4) There is an additional service for those who post through anonymous
remailers BUT want to have an identity and reputation. The idea is that
they submit their PGP keys to the robomoderator, and later robomod
takes the user id from the PGP key, replacing meaningless anonymous
addresses with their identity.

We currently have at least two posters whose real life identities are
unknown, who use this feature and have sent us their PGP keys.

STUMP is currently working in production mode seemingly with no problems.

For details, look at 

	http://www.algebra.com/~ichudov/usenet/scrm/robomod/robomod.html

	- Igor.