From: Brad Templeton (brad@templetons.com)
Date: Mon Oct 15 2001 - 14:25:23 CDT

On Mon, Oct 15, 2001 at 09:29:14AM +0000, Charles Lindsey wrote:
> In <200110121025.6kp6@message-id.pfm-mainz.de> rbabel@babylon.pfm-mainz.de (Ralph Babel) writes:
>
>
> >Brad Templeton wrote:
>
> >> If somebody forges an article in my name,
> >> I should be able to cancel it quickly and easily.
>
> >Sign your articles. Then there's
> >no need to cancel forgeries later.
>
> But then every Usenet poster worldwide needs a readily-accessible public
> key, which is an order of magnitude worse than Brad's idea that every
> injecting site needs one, which is itself a couple of orders of magnitude
> worse than what we actually want.

I'm afraid there are a couple of key misunderstandings in this comment.

1) I have not proposed that every injecting site need a key, nor every
user need a key for USENET in general. I have proposed that we might
want to consider authenticated-unmoderated newsgroups in the future,
which would be like the authenticated-moderated groups we are planning
in that the articles must be signed, but for which there would not be
a moderator. In these groups, a signature would be needed, either from
the poster, their site, or via a real or challenge/response "meta-moderator"
to whom unsigned posts are diverted.

However, this is definitely a latter stage proposal, so you should not
base your analysis on any assumption that every injecting site or user
would need a key.

2) In a misunderstanding you continue to make, there is no difference
in a certificate system between a few keys and a billion. The code that
checks the signatures and certificates is essentially the same. The
certificate authorities which issue the large numbers of keys, should people
wish to create and trust them, deal with the complexity of issuing those
keys. The sites themselves do no extra work.

Your comment is very much like saying "The new loader allows variable
names up to 32 characters long, which is orders of magnitude more complex
than the old loader which only allowed 8." Or "This idea of a tree based
file system allows millions of files, which is way more complex than the
nice flat file system."