From: Benjamin Franz (snowhare@nihongo.org)
Date: Mon Oct 15 2001 - 12:32:38 CDT
On Fri, 12 Oct 2001, Brad Templeton wrote:
> On Fri, Oct 12, 2001 at 12:25:55PM +0200, Ralph Babel wrote:
> > Brad Templeton wrote:
> >
> > > If somebody forges an article in my name,
> > > I should be able to cancel it quickly and easily.
> >
> > Sign your articles. Then there's
> > no need to cancel forgeries later.
>
> Alas, that doesn't work, which is why preventing forgery is one of the
> hardest problems. Unless remote sites somehow have decided to remember
> that all articles from rbabel@babylon.pfm-mainz.de MUST be signed, and
> reject any that are not signed by you, forgeries are possible.
I'm sorry. You are attempting to solve a primarily _social_ problem with a
primarily _technical_ solution. To prevent your pet fear of someone,
somewhere, sometime writing an unsigned message with your 'name' - you
will completely sacrifice everyone _else_'s right to privacy.
And the worst part of it is that it won't even do what you want because
<noonespecial@someremailer.com> can _still_ post messages signed "Brad
Templeton" with complete PK veracity for his address. And you *still*
couldn't cancel him since _you_ don't own 'noonespecial@someremailer.com'.
The only thing you _can_ do is sign every message you _do_ post. Because
regardless of PK certs, legal niceties or any change in usenet short of
imposing a totalitarian style goverment issued 'licence to post' - you
can't stop forgeries from being published in your name.
-- Benjamin Franz"Code as if whoever maintains your code is a violent psychopath who knows where you live." -- Nancy Lebovitz, the button lady