From: Brad Templeton (brad@templetons.com)
Date: Thu Jun 03 1999 - 14:24:50 CDT
On Thu, Jun 03, 1999 at 09:00:37PM +0200, Brad Knowles wrote:
> At 11:30 AM -0700 6/3/99, Brad Templeton wrote:
>
> > However, the main problem is
> > that the headers, in a multipart/signed, would be at the *bottom*,
> > forcing you to read the entire article just to see what the Newsgroups
> > are.
>
> Hmm, so you're saying that people are likely to phase in the
> support for signed articles on a newsgroup hierarchy basis? Are
> there any other headers that would potentially be problematical?
I don't understand. One would presume headers like Date, Newsgroups,
Message-id and such are signed. But they are headers a relay or database
needs to process an article. That means the relay, if it is
signature compliant, has to read in and parse the article body in order
to figure out what newsgroups the article is in, or whether the date is
too far in the past, or what message-id to store it under.
(Fortunately the client can trust its server to have verified the old
headers so it can use those.)
This is a major rework of the data flow and structure of relay and database
tools. Signature in the headers simply requires the ability to hash
the headers and body and check the signature. It is also suggested
that the hashing of the body be delayed by using a signed content-md5 header
for the body, though at most that only delays the hashing of the body
to the end. (I can see the value of that however to avoid having to change
designs too much, since many tools don't read the body until they are done
with the header.)
>
> You could certainly enclose a message/rfc-822 within a
> multipart/signed, and get the headers signed within that context.
Sure, but what would it get you? Your main argument is compatibility with
mail systems -- but what would they do with this encapsulated message?
Would it help them verify the From: line for the user? Would they
display it properly?
I mean, what do people want from signature? The goal is to make
forgery and fiddling with articles impossible. What that means is
that by the time an article gets to a reader, they can trust it's from who
it says it is from. In a moderated group, they can trust the moderator
approved it. The articles that moderator didn't approve aren't there
at all.
What do mail gateways gain from getting a multipart/signed with an
enclosed message/rfc822 part?
They could gain something with major rewrites on their part to handle
news, but that eliminates all arguments about taking advantage of installed
mail code.
>
> > I thought you wanted to stop talking about this?
>
> Well, I do, but obviously none of the three of us are going to
> allow either of the other two to get the last word. ;-)
You know the rule. The person who wants to stop a debate takes on the
duty of not replying.
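
Added illustration, not part of the original message or of any news software: a sketch of the header-signature flow with a signed Content-MD5 header discussed above, where a relay checks the signed headers before reading the body and checks the body hash only once the body has streamed past. Assumptions: an HMAC with a shared demo key stands in for a public-key signature, and the `X-Signature` header name, the set of signed headers and the canonical form are hypothetical.

```python
import base64, hashlib, hmac

KEY = b"constructed-demo-key"   # assumption: stands in for the signer's key pair
SIGNED = ("From", "Newsgroups", "Date", "Message-ID", "Content-MD5")

def _header_mac(headers):
    # Canonical form (assumption): "name:value\n" per signed header, fixed order.
    data = "".join(f"{n.lower()}:{headers[n].strip()}\n" for n in SIGNED)
    return hmac.new(KEY, data.encode(), hashlib.sha256).hexdigest()

def sign_article(headers, body):
    h = dict(headers)
    # Content-MD5 is the base64 of the body's MD5 digest; signing it binds the body.
    h["Content-MD5"] = base64.b64encode(hashlib.md5(body).digest()).decode()
    h["X-Signature"] = _header_mac(h)   # hypothetical header name
    return h

def verify_headers(headers):
    """Step 1: runs before any body byte is read."""
    if any(n not in headers for n in SIGNED + ("X-Signature",)):
        return False
    return hmac.compare_digest(_header_mac(headers), headers["X-Signature"])

def verify_body(headers, chunks):
    """Step 2: hash the body as it streams past, compare at the end."""
    md5 = hashlib.md5()
    for chunk in chunks:
        md5.update(chunk)
    got = base64.b64encode(md5.digest()).decode()
    return hmac.compare_digest(got, headers["Content-MD5"])

def relay_accept(headers, chunks):
    if not verify_headers(headers):
        return "reject: bad header signature"
    groups = headers["Newsgroups"].split(",")  # routing uses verified headers only
    if not verify_body(headers, chunks):
        return "reject: body does not match signed Content-MD5"
    return "accept: " + ",".join(groups)

# Constructed sample article
HEADERS = {"From": "alice@example.com", "Newsgroups": "news.test,misc.test",
           "Date": "Thu, 03 Jun 1999 14:24:50 -0500",
           "Message-ID": "<1@example.com>"}
BODY = b"Hello, world.\r\n"
SIGNED_ARTICLE = sign_article(HEADERS, BODY)
```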