From: Russ Allbery (rra@stanford.edu)
Date: Sat Jul 11 1998 - 14:46:53 CDT
Brad Templeton <brad@templetons.com> writes:
> On Fri, Jul 10, 1998 at 09:59:08PM -0700, Russ Allbery wrote:
>> I will be happy to try to implement any of the proposed systems if I
>> have time, but doing so portably is going to be a problem for me as I
>> have no access to Windows. If it can be done in pure Perl, I can do
>> it, but if I have to rely on external libraries like Brad's talking
>> about, it'd have to be Unix-only.
> The libraries are not unix based, but they are in C. Perl would be far
> too slow.
Right, that's what I expected.
> Perl interfaces to the libraries may exist.
Possible, but probably unlikely.
> I know Java class libraries for DSA also exist.
Probably irrelevant for news. I'm certainly not touching anything written
in Java with a ten-foot pole.
> Look at http://www.cs.hut.fi/crypto/software.html for a list of various
> libraries.
Will do.
>> One way to get a limited test area would be to try out signing all
>> messages using whatever signature algorithm is proposed in one
>> moderated group.
> Pgpmoose works like that already. Moderators sign posts (with hacked
> pgp output), and a cancelbot issues a cancel for anything unsigned.
I repeat, Brad, PGP is *not* an acceptable trial implementation.
My observation from your participation on this list is that you have a
tendency to strongly argue theoretical points, and make good arguments for
the ideas that you favor, but then brush aside all details of exactly how
one would make such a system function as irrelevant implementation
details. I appreciate your contributions to the theory, but in the end
Usenet is a system that has to actually function.
One working program is worth a thousand messages to usefor.
If it isn't implemented, then as far as the rest of the world is concerned
it doesn't exist. Unless someone takes one of these systems and writes
working code to implement it, we can argue about this until the end of
time and nothing we say is actually going to change Usenet at all. I
think this current discussion has already reached the point where people
are simply repeating things they have already said and the only way we're
going to resolve differences is for someone to write code and show how
this will work. How fast it will be. How feasible it will be.
So if you want to be persuasive, you are going to have to find someone to
write your code, or you're going to have to write it. I'm volunteering,
time permitting, but *you've not given sufficient detail for me to write
code*. Neither have the cancel lock folks. It's possible that sufficient
detail exists out there somewhere, but I'd *really* like to see that so
that I can start generating and checking cancel locks and seeing how it's
going to actually function. And ditto with the certificate system.
(I'm not saying I'm going to have a working program a month, or even three
months, after someone gives me that detail. It's greatly dependent on how
much time I have for such projects. I'm saying that until we *have* that
detail, these discussions are fundamentally dead ends.)
>>> Anybody volunteering to add their machines to the MX for
>>> cancel.usenet.org, anybody? :-)
>> Not me. :)
> From its beginnings 18 years ago, USENET has owed its growth to the
> generousity of sites willing to give and share some resources to make
> the network work. I don't see that ending now.
You must know how many cancels are issued per day. Do you honestly expect
anyone to volunteer to funnel that load through a mail system?
-- Russ Allbery (rra@stanford.edu) <URL:http://www.eyrie.org/~eagle/>