Re: Sender header


From: Seth Breidbart (sethb@panix.com)
Date: Thu Jan 10 2002 - 21:28:48 CST


>> We can't specify policy for ISPs.
>
> We aren't trying to. We are trying to specify that an injector MUST NOT
> insert or change an identity header when it cannot know the header is
> wrong.

That MUST NOT violates the policy of some ISPs.

> No, we should forbid that behaviour, since it will absolutely break the
> ability to sign an article.

No, it only breaks the ability to sign the particular header that the
ISP changes. The article (body and all the other headers) can still
be signed.

>>It shouldn't be; that was a strawman argument that if a user provides
>>and signs it, then the injector replacing it will break the signature.
>
> So what? If someone signs the Injector-Info header, that is his problem.
> On the other hand, if someone inserts the correct data in both From and
> Sender headers and signs the article, the injector MUST NOT change those
> headers. Period.

So you say. Some injectors do that, and I think the behavior should
be deprecated at this point, rather than making them immediately
non-compliant.

>>> Answer: you don't know it, but the contents look reasonable so you assume
>>> they are correct.
>>That and the fact that, with one exception (which I learned about but
>>never actually sent mail to), the hundreds of people I've sent email
>>to in response to their Usenet postings had given good addresses.
> Your "fact" is irrelevant, it proves nothing about the validity of an
> address you see today.

So the claim is made that most addresses are bad, I point out that in
my experience most are good, and suddenly it becomes irrelevant.
That's not a winning way to argue.

> Nor does it have any relevance to the issue at
> hand, which is how an injector is supposed to know what YOU cannot.

The injector knows what it can or cannot verify. That's all it
knows. It acts on the basis of what it knows.

>>It is saying that it doesn't know that it is
>>correct, which is true.
> And, in effect, saying that is guessing that it is wrong.

No, it isn't. If you choose to misinterpret it that way, that's your
problem.

> It is taking the same action whether it says "I guess this is wrong"
> or "I don't know this is right." Same effect, same meaning.

Except that it never says the former, because it can't know that, and
it doesn't guess.

>>Now if someone breaks into my account and posts as me, the encrypted
>>Injector-Info header (which is validated by the injector) says it is
>> from me. Why is that different?
>
> Different than what?

Did you read the message you followed up to?

> Different than people all over the world assuming that you really did
> post the article because they know your server validates From headers,
> while they don't necessarily know how to decode some encrypted
> Injector-info header?

The topic brought up was the action of _my ISP_ as a result of that
posting. My ISP can certainly decode the Injector-Info header.

>>1. Every article will have a Sender header,
>
> If you cannot argue against what I actually say, make it up, huh?
>
> No, I said no such thing.

We'll see.

>>Otherwise, some articles (e.g. those I post with From:
>>sethb@panix.com) can still be properly signed.
>
> So you sign them, and your injector decides to insert a Sender header.

You just claimed that the injector will _not_ always add a Sender
header.

In particular, this injector (whose behavior I've observed for years)
will not add one when the From: is sethb@panix.com.

> Or it changes your From.

Speaking of straw men. . .

>> I would claim
>>that when I'm using a different account, the sender is different.
>
> Then apparently simple English is a problem. I've got two windows open at
> this very moment. If I post news from one of them, my From: says one
> thing. If I post in the other, it says something else. You'd have a very
> hard time arguing successfully that I am a different person using two
> windows.

When did I say that the "sender" is a person? For technical purposes,
it's an account.

> By inserting the Sender header, you claim that the From entity DID
> NOT post the article.

You choose to interpret it that way, despite the fact that it isn't
the claim being made.

>>It would be unwise (though not prohibited) to include Sender in a
>>signature.
> Nonsense.

Since some software modifies Sender (do you want to claim that no such
software exists? You'd be easily proven wrong), and that software is
not uncommon (e.g. Panix's injector), then it is unwise to sign the
Sender header.

> Since the Sender header is intended to identify "the person or
> software (usually, but not always, the same as the poster)
> responsible for the operation of the posting agent or, which amounts
> to the same thing, for passing the article to the injecting agent",
> it should be signed if the From header is signed, to prevent someone
> from changing the identity of the actual poster.

If From is signed and Sender isn't, then, if I trust the signature, I
trust the From and not the Sender. Do you understand the concept of
trusting stuff that's signed, and only that stuff?

Seth
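
The point argued in the message above, that a signature vouches only for the headers it covers and survives an injector rewriting an unsigned Sender, shown as an added example (not part of the original message or of any injector's code). HMAC-SHA256 stands in for a public-key signature; the `X-Signed-Headers` and `X-Signature` header names, the addresses and the injector rule are assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # stand-in for the poster's signing key
BODY = "Constructed test article body.\n"
ARTICLE = {"From": "poster@example.org", "Sender": "poster@example.org",
           "Subject": "Constructed sample"}  # constructed sample headers


def digest(headers, body, signed_names):
    """MAC over the named headers (in listed order) followed by the body."""
    mac = hmac.new(KEY, digestmod=hashlib.sha256)
    for name in signed_names:
        mac.update(f"{name}: {headers.get(name, '')}\n".encode())
    mac.update(b"\n" + body.encode())
    return mac.hexdigest()


def sign(headers, body, signed_names):
    """Return a copy of the headers with the hypothetical signature headers added."""
    out = dict(headers)
    out["X-Signed-Headers"] = ",".join(signed_names)
    out["X-Signature"] = digest(headers, body, signed_names)
    return out


def inject(headers, account):
    """Simplified injector: set Sender to the authenticated account
    whenever From does not match it; otherwise leave the article alone."""
    out = dict(headers)
    if out.get("From") != account:
        out["Sender"] = account
    return out


def trusted_headers(headers, body):
    """Header names the signature vouches for; empty set if it fails."""
    names = [n for n in headers.get("X-Signed-Headers", "").split(",") if n]
    expected = digest(headers, body, names)
    ok = hmac.compare_digest(headers.get("X-Signature", ""), expected)
    return set(names) if ok else set()


if __name__ == "__main__":
    for names in (["From", "Subject"], ["From", "Sender", "Subject"]):
        received = inject(sign(ARTICLE, BODY, names), "acct@isp.example")
        print(names, "->", sorted(trusted_headers(received, BODY)))
```

A reader who trusts the signature should rely only on the names returned by `trusted_headers`; the rewritten Sender is outside that set in the first case and invalidates the signature in the second.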

