From: Brad Templeton (brad@templetons.com)
Date: Sat Jul 11 1998 - 14:39:59 CDT
On Sat, Jul 11, 1998 at 12:04:44PM -0700, John Stanley wrote:
> It's clear that you are arguing from a position of dishonesty. You first
This is ridiculous. Dishonesty? That implies some secret agenda, some
desire to "sneak something by." I just have opinions, and facts, about
what systems are the best ones for the future of USENET, and which are
the most efficient. If you are inventing motives for me to counter my
arguments, I suggest you re-look at yourself and why you would do that.
I have never found net debate to be productive when people start assigning
motives to the others in the debate.
All the specs and details of my proposals have been on my web pages for
months.
When it comes to verifying cancels, PK signature is a smaller system than
cancel locks. It is much more complex, and normally there would be no
contest on the complexity, except that we have to implement the PK
signature system anyway, because cancel locks demand a trusted 3rd party
system. As such, the fact that they are smaller becomes a factor in
their favour. Even without certificate collapse. Signature plus
certificate should run about 350 bytes by my estimate, still smaller than
the many cancel locks per cancel article that system would require.
However, these are all side issues. The cancel lock system does one
thing -- verify cancels. It does this one thing at a higher cost in bytes
than signatures do that one thing. If implemented, it forces us to also
implement the more complex PK cancel system.
The question that remains is, having done 90% of the work to define the
spec for the PK cancel system that cancel-locks demand we have, why should
we not do the remaining 10% to allow article authentication and general
control message authentication as well as cancel authentication.
And, if we are doing PK cancel authentication, why do the cancel locks
at all? Well, I understand the argument for that -- they are simpler
for the end user. However, they are also larger in terms of total article
size, so I don't accept the argument that sites or moderators should use
them -- and double or triple that size cost.