From: Brad Templeton (brad@templetons.com)
Date: Tue May 01 2001 - 13:06:24 CDT
On Tue, May 01, 2001 at 11:33:21AM +0200, Florian Weimer wrote:
> chl@clw.cs.man.ac.uk (Charles Lindsey) writes:
>
> > Now signed cancels are too much for the ordinary users, and the PKI you
> > would need to back it up is horrendous.
>
> I can confirm this. Building a PKI that large is difficult.
But everybody is agreed that you need some public key system to allow
3rd party cancel (for spam, moderators and retromoderators). So once
you have that, I continue to ask why also do the inferior system?
I'm not saying users would be required to have their own keys, or even
that sites be required to. All you need is one party with a 3rd party
cancel key to run an email challenge-response cancel.
This can work two ways.
1) With minor mod, the user's software or the injector simply emails any
cancel generated to the cancel system.
That's it. How is that complex? The system emails back, to the poster
of the article, a challenge message. That challenge message offers 3
ways to confirm the cancel:
a) Reply
b) Post the signed cancel attached to the mail yourself
c) Click on a URL in the email
(The signed cancel
2) With no code required by any user, the cancel system simply looks for
unauthenticated cancels on the net, and mails a challenge to the author.
This only works for global cancel of course.
Important note: Two possible signed cancels must be generated.
If the cancelbot had a copy of the original article, it can confirm
it was posted by the canceller, and generate an authoritative cancel
that does not require checking the original at remote sites. If
it does not have the original article, it will insert the confirmed
email address of the canceller, and remote sites can verify the match.