Charles Lindsey <chl(_at_)clw(_dot_)cs(_dot_)man(_dot_)ac(_dot_)uk> writes:
Brad Templeton <brad(_at_)templetons(_dot_)com> writes:
Wow, it's really grown if that's true, which is good to see. And
indicates that support for a 3rd party article signing standard would
be strong right away. PGPverify wasn't too bad as a first stab, though
it's main flaws were:
a) Used PGP, a then-proprietary external program
But which nobody had any difficulty using
Um, pardon? That's rather far from true. There are several news sites
that have simply turned off control message processing altogether because
they're unwilling to pay a couple grand to NAI for a commercial PGP
license. PGP also has one of the most arcane and idiotic interfaces that
I've had the misfortune of dealing with, and there was lots of pain
involved in finding some sort of portable canonicalization that deals with
incompatible ways of handling whitespace across different versions.
GnuPG is *much* nicer, but not yet viable for systems without a
/dev/random (although it's getting close). NAI's PGP is not a viable
technology to base an authentication infrastructure on.
Not to mention....
windlord:~> host letters.mcafee.com
letters.mcafee.com A 206.156.198.120
windlord:~> host -t txt 120.198.156.206.rbl.maps.vix.com
120.198.156.206.rbl.maps.vix.com TXT "Blackholed - see
<URL:http://maps.vix.com/cgi-bin/lookup?206.156.198.120>"
...the fact that they're not particularly good Internet citizens.
--
Russ Allbery (rra(_at_)stanford(_dot_)edu)
<URL:http://www.eyrie.org/~eagle/>