jbaber@mi.leeds.ac.uk writes:
Any comments/glareing weaknesses that I have missed?
Well, you missed credited guys named Franz and Huusinen with proposing this exact scheme a couple of years ago. You also missed my discussion on how to allow the local admin to issue cancels as well. I used to think this scheme is very cool. Later I realized it had a serious problem with forgeries in one's name. Suppose X forges an article in Y's name, and specifies a cancel lock; then Y can't cancel this forgery. The retraction server which David is reported to be working on doesn't rely on passwords on authenticate Y; if Y can demonstrate the ability to receive a cookie sent to Y, then the server can issue a signed 'hide' NoCeM for an article that purports to be from Y. Works for forgeries too. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps