From: Brad Templeton (brad@templetons.com)
Date: Fri Oct 12 2001 - 13:24:43 CDT
On Fri, Oct 12, 2001 at 12:25:55PM +0200, Ralph Babel wrote:
> Brad Templeton wrote:
>
> > If somebody forges an article in my name,
> > I should be able to cancel it quickly and easily.
>
> Sign your articles. Then there's
> no need to cancel forgeries later.
Alas, that doesn't work, which is why preventing forgery is one of the
hardest problems. Unless remote sites somehow have decided to remember
that all articles from rbabel@babylon.pfm-mainz.de MUST be signed, and
reject any that are not signed by you, forgeries are possible. Sadly
even this is not enough, since you probably have email aliases too.
The only way to actually stop forgeries is to have a set of newsgroups
which accept _only_ signed articles. (That's similar to the way some
robomoderated groups work today.) In that case, if the certificates are
well assigned, forgery is not possible. But we're a long way from that,
and it still doesn't deal with ordinary newsgroups which don't follow such
a rule and presumably never will. So you want to be able to cancel
that post in your name that says "all hail bin laden" that's getting you
the death threats.
> > If somebody posts an article from a site,
> > the site admin should be able to cancel it.
>
> Please define "site", "site admin" and "to post
> from a site" unambiguously, and please explain the
> implications for parallel injection of articles.
A site can be clearly defined as a number of things, including postings
where the from/reply-to is in a domain belonging to the site, or postings
that came through an injector of a site, or both. These are precise
definitions.
>
> Besides: why did the "site admin" give the
> poster permission to post in the first place?
Quite often an ISP lets all their users post. A user posts a fat spam
from the ISP, the ISP is getting lots of spam complaints to their abuse
address taking up sysadmin time. The ISP wants to cancel the user's
account but also ideally get rid of the postings to stop the complaints.
>
> > If somebody forges a spam attack appearing to come
> > from my site, I should be able to cancel it.
>
> If the so-called "spam attack" doesn't carry a valid
> signature, everyone can recognize that it didn't
> come from "your site". Not a cancel issue.
That's not how it works today nor is likely to work. First of all, few
to nobody is signing actual postings, and while we may wish that to be
possible, that's some distance away, and as described would only be
effective in new hierarchies where a signature is actually tested.
If signatures are not tested, they don't affect forgery.