Need PGP-awareness in common utilities
-----BEGIN PGP SIGNED MESSAGE-----

<flame="medium">
<!-- thin-skinned, insecure people don't read this. If you are taking medication or are a pregnant woman, consult your doctor before participating. -->

I just got a letter back from majordomo@thumper.vmeng.com because my easy-PGP script had clearsigned my outgoing message to it, and majordomo didn't know what to do with the clearsigned message.

I really don't see why programs like majordomo, UseNet moderation-bots, and most noticeably the PGP key distribution program are PGP-unaware.

Okay, fine. Having waited for FIVE YEARS or however long it has been, you who are responsible for such handy dandy programs may now convincingly argue that you might as well wait for another few months to get PGPlib. But I sincerely hope that once PGPlib arrives we don't wait another five years before using it.

(There is another argument that people sometimes make-- that it is too complicated to ensure pubkey<->True Name. SO WHAT! Pubkey<->True Name mapping is an advanced feature that depends upon the existence of some kind of public key infrastructure. Many people, myself included, wouldn't even USE pubkey<->True Name mapping if we had it! Just implement some basic privacy/authentication functions (trivial, using PGP 2.6 under Unix) and MitCH be damned! If we had started with the simple stuff five years ago we might HAVE a complete, secure infrastructure by now.)

As an example of this sad state of affairs, no less of a cryptographic enthusiast than Robert Hettinga runs a mailing list (several actually) which breaks every PGP clear-signature that it encounters. Really pitiful, that even our own mailing lists are incompatible with PGP.

Regards,

Bryce

PGP sig follows: [If you see garbage beyond this line, it means you are an anachronistic troglodyte. If you see a "PGP sig okay!" it means you are hi-tech. If you see "PGP sig not okay!" it means some mail-handling software between me and you is written/maintained by anachronistic troglodytes. :-)]

</flame>
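Added example, not part of the original thread: a sketch of the first step a mail robot needs in order to cope with a clearsigned request like the one described above, namely recognising the cleartext-signature framing and recovering the command text. The function name and the sample message are constructed for illustration, and the code only parses the frame; the signature itself still has to be checked by PGP on the raw message.

```python
BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"


def split_clearsigned(body):
    """Return (signed_text, signature_armor), or (body, None) if unsigned.

    Parses the framing only. Authenticity still has to come from PGP run on
    the raw message; text outside the frame is unsigned and is dropped here.
    Raises ValueError on malformed framing so the caller rejects the mail.
    """
    lines = body.splitlines()
    if BEGIN_MSG not in lines:
        return body, None                      # ordinary unsigned mail
    start = lines.index(BEGIN_MSG)
    try:
        sig = lines.index(BEGIN_SIG, start + 1)
        end = lines.index(END_SIG, sig + 1)
    except ValueError:
        raise ValueError("no complete signature block") from None
    # Optional armor headers ("Hash: ...") run up to the first blank line.
    blank = start + 1
    while blank < sig and lines[blank].strip():
        if ":" not in lines[blank]:
            raise ValueError("text starts before the blank separator line")
        blank += 1
    if blank >= sig:
        raise ValueError("missing blank separator line")
    # Undo dash-escaping: the signer prefixed "- " to lines starting with "-".
    text = [l[2:] if l.startswith("- ") else l for l in lines[blank + 1:sig]]
    return "\n".join(text), "\n".join(lines[sig:end + 1])


# Constructed sample: a list-server request as a clearsigning mailer sends it.
SAMPLE = """\
-----BEGIN PGP SIGNED MESSAGE-----

subscribe cypherpunks
- --
end
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

(placeholder, not a real signature)
-----END PGP SIGNATURE-----
"""

if __name__ == "__main__":
    text, armor = split_clearsigned(SAMPLE)
    print(text)
```

A robot that acts on the returned text should do so only after PGP has reported a good signature for the same raw input.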
bryce@digicash.com wrote:
> I really don't see why programs like majordomo, UseNet moderation-bots, and most noticeably the PGP key distribution program are PGP-unaware.

My moderation bot STUMP is not only PGP-aware, it is also doing a lot of PGP-related things. Among them:

1) For posters who voluntarily chose additional protection, STUMP allows only messages with a valid PGP signature to be posted. All posts from these people that do not have a PGP sig or have an invalid sig, are automatically rejected. It protects them from forgeries.

2) All exchange between my modbot and human moderators is PGP-signed (and encrypted when necessary), to insure integrity of moderation email traffic.

3) All messages approved for posting to usenet get signed with Greg Rose's PGPMoose program.

4) There is an additional service for those who post through anonymous remailers BUT want to have an identity and reputation. The idea is that they submit their PGP keys to the robomoderator, and later robomod takes the user id from the PGP key, replacing meaningless anonymous addresses with their identity. We currently have at least two posters whose real life identities are unknown, who use this feature and have sent us their PGP keys.

STUMP is currently working in production mode seemingly with no problems.

For details, look at http://www.algebra.com/~ichudov/usenet/scrm/robomod/robomod.html

- Igor.
-----BEGIN PGP SIGNED MESSAGE-----

An entity calling itself ichudov@algebra.com probably wrote something like:

> My moderation bot STUMP is not only PGP-aware, it is also doing a lot of PGP-related things. Among them:
>
> 1) For posters who voluntarily chose additional protection, STUMP allows only messages with a valid PGP signature to be posted.

<snip>

> 2) All exchange between my modbot and human moderators is PGP-signed (and encrypted when necessary)

<snip>

> 3) All messages approved for posting to usenet get signed with Greg Rose's PGPMoose program.

<snip>

> 4) There is an additional service for those who post through anonymous remailers BUT want to have an identity and reputation.

<snip>

<Great idea!>

> We currently have at least two posters whose real life identities are unknown, who use this feature and have sent us their PGP keys.
>
> STUMP is currently working in production mode seemingly with no problems.
Okay Igor, that is an impressive list of features! Now what I want to know (and what I want other people here to hear) is: _How_ difficult was it to incorporate these PGP features into your software? My guess is that it was a simple matter of making a couple of system calls to PGP, plus maybe extra defense against replay attacks (you _do_ have defense against replay attacks don't you?) and the fact that you have more debugging work because you have more features.

Regards,

Bryce
bryce@digicash.com wrote:
> An entity calling itself ichudov@algebra.com probably wrote something like:
>
> > My moderation bot STUMP is not only PGP-aware, it is also doing a lot of PGP-related things. Among them:
> >
> > 1) For posters who voluntarily chose additional protection, STUMP allows only messages with a valid PGP signature to be posted.
>
> <snip>
>
> > 2) All exchange between my modbot and human moderators is PGP-signed (and encrypted when necessary)
>
> <snip>
>
> > 3) All messages approved for posting to usenet get signed with Greg Rose's PGPMoose program.
>
> <snip>
>
> > 4) There is an additional service for those who post through anonymous remailers BUT want to have an identity and reputation.
>
> <snip>
>
> <Great idea!>
>
> > We currently have at least two posters whose real life identities are unknown, who use this feature and have sent us their PGP keys.
> >
> > STUMP is currently working in production mode seemingly with no problems.
>
> Okay Igor, that is an impressive list of features! Now what

thanks

> I want to know (and what I want other people here to hear) is: _How_ difficult was it to incorporate these PGP features into your software?

Almost nothing is difficult, in general. In particular, implementation of these features was easy. Coming up with how they should work was not that easy. Thanks to members of Cypherpunks list for their suggestions, by the way. You know, this stuff is easy to do in perl and sh.

> My guess is that it was a simple matter of making a couple of system calls to PGP, plus maybe extra defense against replay attacks (you _do_ have defense against replay attacks don't you?) and the fact that you have more debugging work because you have more features.

Depends on what replay attacks you are talking about. If you are more specific, I can talk about it. Some of it is discussed at http://www.algebra.com/~ichudov/usenet/scrm/robomod/robomod.html

- Igor.
-----BEGIN PGP SIGNED MESSAGE-----

You know, Igor... (It has been a few months since I was hot on this idea, but hearing about your practical PGP successes has gotten me interested again...)

If you have a moderation bot for a Usenet group (and could it be pressed into service as a mailing list handler I wonder?), this would be a nice tool to start with in order to implement full-fledged content/author ratings.

Anybody wanna hack a perl script or two to produce/consume content/author ratings for cypherpunks (it could surely use some!). We can use my dormant mailing list, c2punks@c2.net, as a parallel channel to transmit cypherpunk (and maybe other) ratings.

Let me know. We _could_ adopt the ridiculously simple NoCeM protocol, or the ever-mutating public key certificates being designed in a nearby mailing list, or some protocol of our own. (Shouldn't be too hard to come up with an implementable, useful protocol.)

(And of course we can mix Ecash(tm) in...)

Bryce

P.S. Look for demo in a second.
bryce@digicash.com wrote:
> You know, Igor... (It has been a few months since I was hot on this idea, but hearing about your practical PGP successes has gotten me interested again...)
>
> If you have a moderation bot for a Usenet group (and could it be pressed into service as a mailing list handler I wonder?), this

Yes, it can be. When I was writing it I had in mind that I want to write a general moderation bot that can be _applied_ to USENET. There is a script processApproved which is called when a message should get posted. If you replace the usenet version of processApproved with a mailing list version, you will be done.

> would be a nice tool to start with in order to implement full-fledged content/author ratings.

Well, STUMP is a generic moderation tool.

> Anybody wanna hack a perl script or two to produce/consume content/author ratings for cypherpunks (it could surely use some!). We can use my dormant mailing list, c2punks@c2.net, as a parallel channel to transmit cypherpunk (and maybe other) ratings.

So, what you want is a tool that accepts "unmoderated" cpunks list, selects messages by authors with high ratings, and forwards only these into the "filtered" list? That's neat _if_ ratings are done by people whose tastes are similar to mine..

> Let me know. We _could_ adopt the ridiculously simple NoCeM protocol, or the ever-mutating public key certificates being designed in a nearby mailing list, or some protocol of our own. (Shouldn't be too hard to come up with an implementable, useful protocol.)

?????

- Igor.
-----BEGIN PGP SIGNED MESSAGE-----

An Igor-like entity wrote something like this:

> Yes, it can be. When I was writing it I had in mind that I want to write a general moderation bot that can be _applied_ to USENET.
>
> There is a script processApproved which is called when a message should get posted. If you replace the usenet version of processApproved with a mailing list version, you will be done.

Nice design. :-)

> > Anybody wanna hack a perl script or two to produce/consume content/author ratings for cypherpunks (it could surely use some!). We can use my dormant mailing list, c2punks@c2.net, as a parallel channel to transmit cypherpunk (and maybe other) ratings.
>
> So, what you want is a tool that accepts "unmoderated" cpunks list, selects messages by authors with high ratings, and forwards only these into the "filtered" list? That's neat _if_ ratings are done by people whose tastes are similar to mine..

Hm. That might be an interesting addition to my plan, but the first step is to generate ratings and to consume them at each individual's mail-handling site.

So I, for example, would run a script every time I received mail (or every hour, or every day, etc) which looked for ratings certificates, PGP-verified them, and saved the rating in a database.

Then I would run another script (every time I received mail, or every hour, etc.) which identified incoming messages and _did_ something to them if there were sufficient ratings in the database to merit _doing_ something to them (e.g. delete, promote to a "well-rated" folder, demote to a "poorly-rated" folder, forward to my friends, forward to my enemies, etc.).

Now as you astutely note, this is only valuable if you like the ratings. Thus it is necessary to have meta-ratings. The simplest meta-rating is "rate raters by hand". That is, you manually make a list of (potential) raters and put their public key ID and a coefficient indicating how much you value their ratings into a meta-ratings database.

More complicated meta-ratings include "how often did I agree with them", true (acquired from other people) meta-ratings, and... um.. automated textual analysis or whatever other whacky heuristic you want to plug in.

This could be so much fun...

Bryce

P.S. Oh yeah... The demo. Just a sec.
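Added example, not code from the thread: the two-step ratings scheme Bryce describes above (save PGP-verified ratings, then act on incoming mail when there are sufficient ratings), with hand-set meta-ratings used as coefficients. The record layout, key IDs, thresholds and the rule for ignoring replayed certificates are assumptions made for the illustration, and each rating is assumed to have been verified by PGP before it reaches this code.

```python
from collections import namedtuple

# One rating certificate, assumed already PGP-verified; `signer` is the key ID
# PGP reported for the signature, never a value read from the certificate text.
Rating = namedtuple("Rating", "signer message_id score issued")

# Meta-ratings "by hand": rater key ID -> coefficient (constructed values).
META = {"0xAAAA0001": 1.0, "0xBBBB0002": 0.5}


def store(db, rating):
    """Save a verified rating in db; return False if it is ignored."""
    if rating.signer not in META or not -1.0 <= rating.score <= 1.0:
        return False                    # unknown rater or out-of-range score
    key = (rating.signer, rating.message_id)
    old = db.get(key)
    if old is not None and old.issued >= rating.issued:
        return False                    # replayed or superseded certificate
    db[key] = rating
    return True


def decide(db, message_id, min_weight=1.0, threshold=0.3):
    """Return 'promote', 'demote' or 'leave' for one incoming message."""
    rows = [r for r in db.values() if r.message_id == message_id]
    weight = sum(META[r.signer] for r in rows)
    if weight <= 0 or weight < min_weight:   # not enough trusted ratings
        return "leave"
    mean = sum(META[r.signer] * r.score for r in rows) / weight
    if mean >= threshold:
        return "promote"
    return "demote" if mean <= -threshold else "leave"


def demo():
    """Run constructed ratings through both steps; return the decisions."""
    db = {}
    feed = [
        Rating("0xAAAA0001", "<m1@example>", 1.0, 100),
        Rating("0xBBBB0002", "<m1@example>", -1.0, 101),
        Rating("0xAAAA0001", "<m1@example>", 1.0, 100),   # replay, ignored
        Rating("0xBBBB0002", "<m2@example>", 1.0, 102),
        Rating("0xAAAA0001", "<m3@example>", -0.8, 103),
        Rating("0xDEAD0009", "<m3@example>", 1.0, 104),   # not in META
    ]
    stored = [store(db, r) for r in feed]
    return stored, {m: decide(db, m) for m in
                    ("<m1@example>", "<m2@example>", "<m3@example>")}
```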
participants (2)
- bryce@digicash.com
- ichudov@algebra.com