Two more cents (PGP/mailing list)

Philippe Nave pdn at dwroll.dw.att.com
Mon Jan 17 12:19:21 PST 1994 

-----BEGIN PGP SIGNED MESSAGE-----

In my 'two cents' posting the other day, I used the term 'filter' when I
should have used a term like 'preprocessor' or something. If you've got
a copy of the posting, note that later on in the message I suggested that
the PGP validation step should allow unsigned messages to flow through the
list in the usual manner- my suggestion should in no way be construed as 
advocating censorship or conditional acceptance of postings.

My suggestion was for a very simple, automatic verification of PGP signatures
against a 'cypherpunks public keyring' for those who sign their posts and
provide public keys to the list maintainer(s). I see these benefits:
   1) This would not alter the way the list runs today; if messages come
      in with no PGP sig, they'd just get broadcast unchanged
   2) For those who sign messages, this would be a painless way to reassure
      *everyone* (PGP-capable or not) as to the authenticity of the message.
   3) If individuals desire to receive only 'validated' mail, they may 
      code their mail filters to trap the validation stamp (and deal with
      issues of 'censorship' individually)

The reason I suggested that the PGP validator add a new header line (like 
X-PGP-Whatever: ...) rather than append the validation stamp to the body
of the message is that I thought we might foul up a PGP sig if we alter the
message body. Using a special header line also makes it easier to identify
in your personal mail filter process (at least for me), and even if you have
no mail filtering you would see the header (or lack thereof) at the top of
the posting and could read on or can the posting right away. Hopefully, mail
systems can be tailored on an individual basis to allow these headers to 
pass on to the user.

- -- 
........................................................................
Philippe D. Nave, Jr.   | The person who does not use message encryption
pdn at dwroll.dw.att.com   | will soon be at the mercy of those who DO...
Denver, Colorado USA    | PGP public key: by arrangement.

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLTrJLQvlW1K2YdE1AQFCeQP9ELfLmkFxIZOhbr7WJW+IezpTFEBX6mzE
qvi/veIdE0hBP/3lJsRg0K8pJJopfFJ7Q9rOGRutGDVlTOUSuPgzjV0rn2laFudl
POxM8NCDL5k/QIsyjsI152Z7R76mGgVRHzV/K+uUg9liHTvd14/OS7b00aKFoKtE
S/Z+aQGpAVc=
=Aqu0
-----END PGP SIGNATURE-----

More information about the cypherpunks-legacy mailing list