Re: Cancel messages: another verification?


From: Brad Templeton (brad@templetons.com)
Date: Wed May 02 2001 - 16:45:51 CDT


On Wed, May 02, 2001 at 07:02:50PM +0200, Thomas Roessler wrote:
> On 2001-05-02 01:49:58 -0700, Brad Templeton wrote:
>
> > Since manual key management is a nightmare compared to a proper
> > PKI, if people can make that work, I have a lot of faith.
>
> Manual key management and volunteer PKIs work on a certain scale.

A minimal one. There are few enough hierarchies that just downloading
the file of keys from isc.org is mostly working, but it would break badly
if there were ever the need to replace the trusted party, because a
key was compromised, or the party went "rogue."

However, the next simple problem, namely moderated newsgroups, would
need a certificate system. We gave up long ago on manual configuration
of where to mail moderated articles for the same reason.

> Signed cancels for everyone require a PKI of an entirely different
> scale which can hardly be implemented by volunteer work, I think.

The authentication required for signing of usenet articles and cancels
needs fairly minimal security. As such, a volunteer PKI is actually
quite workable, since email challenge-response is adequate for handing out
certs. All that takes is a few servers out there which when asked, will
email a cert for an address to the address being certified. I would be
happy to provide such a service myself, for free, and many others would
as well. The main barrier to it is making that machine secured. It would
be a good PR move for a security company.

It means if I can hack your email I can get a cert for you and post to USENET
as you and cancel as you. I find this acceptable, if not perfect. Most
other schemes have the same problem.

However this begs the question. Most people would not get their own cert.
The vast, vast majority would not even be aware of the system. Instead,
their site would get a cert (perhaps through a slightly more secure process)
and their injector would sign their articles and their cancels. No new
software for the users at all. Users who wished to sign their own articles
could get a cert and signing software and do so, but would not be required
to. Simply getting the injectors at AOL and the other 100 top sites to
sign articles with a site key would result in most of the articles and
cancels on USENET being signed without the users having to do anything.

>
> That is, I don't believe that signed cancels can really replace the
> far easier cancel locks, which can live without a PKI.

Signed cancels can be done without a PKI, if you're willing to, and are
still quite a bit superior to cancel locks in this case. All it takes
is a couple of trusted 3rd party spam cancellers, whose keys you are
installing manually rather than using a PKI, to set up e-mail based
cancel services as I described. (These don't need to even be as secure,
since even with holes this is a lot better than what we have now.)

Since we _already_ plan to have these 3rd party signed cancels, why not
use them?

Look at some of the advantages:
        a) You don't add 80 bytes or more to every article.
        b) Users don't need new posting software
        c) Users can post an article with old posting software and still
           decide after the fact that they want to cancel it.
        d) Users don't need new cancel software. If they issue an old
           cancel, it gets forwarded to the cancelbot
        e) You aren't trapped unable to cancel your own articles because
           your injector added a cancel lock for the site admins but you
           didn't.
        f) In most cases, sites can execute the cancel immediately, even
           before the article arrives.
        g) Sites don't have to implement both cancel lock and 3rd party
           signed cancel, they just do the latter.
        h) It allows users to be able to cancel their postings in moderated
           groups even if they didn't put on a cancel and the moderator
           did. (Though this ability can be turned off at the cancel bot)
        i) It's not simply an invitation to spammers to put cancel locks
           on every spam.

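The scheme the post sketches for doing signed cancels without a PKI, as an added example that is not code from Brad Templeton's post or from any USENET server: a site keeps a small, manually installed keyring of trusted third-party cancellers, a cancelbot signs the cancel it issues, and the site executes the cancel only if the signature verifies against a key in that ring. Everything below is an assumption made for illustration: the use of Ed25519 (the thread names no algorithm), the `X-Cancel-Signature` header name, the fixed set of headers the signature covers, and the example addresses and message IDs. It also shows the two failure cases a site operator cares about, a cancel signed with an unknown key and a cancel whose headers were altered after signing.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"strings"
)

// Keyring holds trusted cancellers' public keys, installed by hand by the
// site admin rather than obtained through a PKI.
type Keyring map[string]ed25519.PublicKey

// Message is a constructed stand-in for a USENET article or cancel: headers only,
// which is all the signature needs to cover.
type Message struct {
	Headers map[string]string
}

// signedHeaders is the (assumed) fixed set of headers the signature covers, in
// a fixed order, so the signature binds who is cancelling what, and where.
var signedHeaders = []string{"Control", "From", "Newsgroups", "Message-ID"}

// canonical serialises the signed headers into the exact bytes that are signed.
func canonical(m Message) []byte {
	var b strings.Builder
	for _, n := range signedHeaders {
		fmt.Fprintf(&b, "%s: %s\n", n, strings.TrimSpace(m.Headers[n]))
	}
	return []byte(b.String())
}

// CancelFor builds a third-party cancel for the given article. The Control
// header is the standard "cancel <message-id>" form; the other values are constructed.
func CancelFor(article Message, canceller string) Message {
	target := article.Headers["Message-ID"]
	return Message{Headers: map[string]string{
		"Control":    "cancel " + target,
		"From":       canceller,
		"Newsgroups": article.Headers["Newsgroups"],
		"Message-ID": "<cancel." + strings.Trim(target, "<>") + ">",
		"Subject":    "cmsg cancel " + target,
	}}
}

// Sign adds the (assumed) X-Cancel-Signature header: "<signer-id> <base64 sig>".
func Sign(m *Message, signer string, priv ed25519.PrivateKey) {
	sig := ed25519.Sign(priv, canonical(*m))
	m.Headers["X-Cancel-Signature"] = signer + " " + base64.StdEncoding.EncodeToString(sig)
}

// Verify returns the signer id if the cancel carries a valid signature from a
// key in the ring; any other outcome is an error and the cancel is not executed.
func Verify(m Message, ring Keyring) (string, error) {
	hdr, ok := m.Headers["X-Cancel-Signature"]
	if !ok {
		return "", fmt.Errorf("unsigned cancel")
	}
	parts := strings.Fields(hdr)
	if len(parts) != 2 {
		return "", fmt.Errorf("malformed X-Cancel-Signature header")
	}
	pub, ok := ring[parts[0]]
	if !ok {
		return "", fmt.Errorf("signer %q not in local keyring", parts[0])
	}
	sig, err := base64.StdEncoding.DecodeString(parts[1])
	if err != nil {
		return "", fmt.Errorf("undecodable signature: %w", err)
	}
	if !ed25519.Verify(pub, canonical(m), sig) {
		return "", fmt.Errorf("signature from %s does not verify", parts[0])
	}
	return parts[0], nil
}

// RunScenario exercises the three cases a receiving site must get right:
// a genuine cancel is accepted, a cancel signed with an unknown key is refused,
// and a cancel whose target was changed after signing is refused.
func RunScenario() (genuineOK, forgeryRejected, tamperRejected bool) {
	pubBot, privBot, _ := ed25519.GenerateKey(rand.Reader) // trusted cancelbot (constructed)
	_, privImpostor, _ := ed25519.GenerateKey(rand.Reader) // key the site has never installed
	ring := Keyring{"cancelbot@example.net": pubBot}

	article := Message{Headers: map[string]string{
		"From": "poster@example.org", "Newsgroups": "news.admin.net-abuse.misc",
		"Message-ID": "<abc123@example.org>"}}

	genuine := CancelFor(article, "cancelbot@example.net")
	Sign(&genuine, "cancelbot@example.net", privBot)
	_, err := Verify(genuine, ring)
	genuineOK = err == nil

	forged := CancelFor(article, "cancelbot@example.net")
	Sign(&forged, "cancelbot@example.net", privImpostor) // claims the bot's id, wrong key
	_, err = Verify(forged, ring)
	forgeryRejected = err != nil

	tampered := Message{Headers: map[string]string{}}
	for k, v := range genuine.Headers {
		tampered.Headers[k] = v
	}
	tampered.Headers["Control"] = "cancel <victim@example.org>" // retargeted after signing
	_, err = Verify(tampered, ring)
	tamperRejected = err != nil
	return
}

func main() {
	g, f, t := RunScenario()
	fmt.Printf("genuine accepted=%v forgery rejected=%v tamper rejected=%v\n", g, f, t)
}
```

Replacing a compromised or rogue canceller in this design is exactly the manual step the post warns about: every site has to edit its keyring by hand, which is workable for a couple of cancelbots and not for thousands of injectors.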



This archive was generated by hypermail 2b29.