[ Usenet FAQs | Search | Web FAQs | Documents | RFC Index ]
Single Page
Top Document: Usenet Hierarchies: Config Files FAQ.
Previous Document: 3.0 Keeping your newsgroups (active file) up to date.
Next Document: 3.2 Sample control.ctl file.
-
Search the FAQ Archives
Single Page
Top Document: Usenet Hierarchies: Config Files FAQ.
Previous Document: 3.0 Keeping your newsgroups (active file) up to date.
Next Document: 3.2 Sample control.ctl file.
3.1 PGP authentication of newgroup and rmgroup messages
[ This piece is culled from the file written by David Lawrence, see
the cited URL for the full text ]
Usenet articles are notoriously easy to forge, and control messages
are no exception. Since administrators often want to have their news
systems automatically honor requests from some particular people to
add or remove newsgroups, it is risky to trust the From: and Sender:
headers to identify the real sender of a message, as has historically
been done.
Thus a system using Philip Zimmerman's Pretty Good Privacy(tm) (PGP
(tm)) was developed to provide a more secure means of authenticating
the sender of a control message.
Unlike traditional PGP authentication of messages, which just verifies
that the contents of the body of a message are unchanged from when it
was digitally "signed", this system also needed to sign a few headers
of the control message to verify the action to be taken and to guard
against certain other pitfalls. Another goal was to make the signature
as unobtrusive as possible and require minimal changes to existing
software in order to work.
For further Information see:
ftp://ftp.isc.org/pub/pgpcontrol/
Top Document: Usenet Hierarchies: Config Files FAQ.
Previous Document: 3.0 Keeping your newsgroups (active file) up to date.
Next Document: 3.2 Sample control.ctl file.
Single Page
[ Usenet FAQs | Search | Web FAQs | Documents | RFC Index ]
Send corrections/additions to the FAQ Maintainer:
simon@darkmere.gen.nz
Last Update October 12 2008 @ 00:13 AM