PGP posting validation

Matthew J Ghio mg5n+ at andrew.cmu.edu
Sun Jan 16 17:08:49 PST 1994


Just to throw in my two cents worth:

How about this: Subscribes to the list (or anyone) can register their
public keys with a special keyserver that is part of the mailing list
software.  Then, on any posts made thereafter, signed with that public
key, the list software would append a header identifying the sender,
their public key ID, and their key fingerprint/md5-hash.  To prevent
spoofing by registering false key IDs, the system could keep a
reputation on each key, and report the number of days that key had been
registered, and the number of posts.  For example, a typical header
might look like:

From: John Doe <jd at net.com>
Subject: Whatever
Date: Tue, 27 May 1996  02:19:35 GMT
PGP-Authenticated-As: 1296A5/1F5A6792E5609CD7A932B1C82CAE934F; John Doe
PGP-Key-Reputation: 372d / 197p

Assuming that John Doe had been on the list over a year (372 days) and
had made 197 posts.  If suddenly a post appeared:

From: John Doe <jd at net.com>
Subject: Detweiler
Date: Tue, 29 May 1996  18:23:56 GMT
PGP-Authentication: Unknown Key

It would indicate that it was signed with a key that the system didn't
have in its database; an obvious forgery.  Hovever if the spoofer was
able to register a false public key with the server, with John Doe's
name on it:

From: John Doe <jd at net.com>
Subject: SQUISH
Date: Tue, 29 May 1996  23:39:47 GMT
PGP-Authenticated-As: 1296A5/6A1DFF5A49D56029B725E05609C0D7A9; John Doe
PGP-Key-Reputation: 0d / 0p

It would still be an obvious forgery, because the key had no reputation.
Anonymous users might like this feature, because they could identify
their posts without exposing their email addresses.
I don't think it's really necessary to block posts from people who don't
sign them, there are circumstances where it's not feasible to do so, but
perhaps a warning could be added such as:

PGP-Authentication: None






More information about the cypherpunks-legacy mailing list