ietf-822

Re: Draft for signed headers

1999-03-19 05:07:09
In <19990318125624(_dot_)029698(_at_)relay(_dot_)skynet(_dot_)be> Brad Knowles <blk(_at_)skynet(_dot_)be> writes:

> On Wed, Mar 17, 1999, Charles Lindsey <chl(_at_)clw(_dot_)cs(_dot_)man(_dot_)ac(_dot_)uk> wrote:
>
>> That doesn't work for News, unfortunately, where this feature is
>> considered to be essential. Encapsulation doesn't solve the problem.
>
>    Why not?  Anyone who has their public key can validate the signed
> headers, and if anything doesn't match that should (e.g., "From:",
> "Date:", etc...) the message can either be dropped on the floor or the
> unmatching unsigned headers can be replaced by the corresponding signed
> headers.
>
>    Maybe I'm missing something fundamental here, but I don't see why
> encapsulation won't work.

Because Netnews Control headers MUST be in the real headers to work. That
is the point that the man who raised this problem had not grasped.

Now there are possible horrid schemes involving duplicating the message
headers in some multipart, but that is an undesirable solution to the
problem if we can agree on a better way. I believe my draft shows that a
better way is possible (it is just the canonicalization algorithm that
needs to be got right).

BTW, I would welcome some input from the Mail Gurus on the ietf-822 list
as to how this matter should be progressed through the IETF processes (I
asked for such feedback in my original posting). I don't think it is a
good idea that just the USEFOR people should be discussing a draft that is
applicable to both media.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Email:     chl(_at_)clw(_dot_)cs(_dot_)man(_dot_)ac(_dot_)uk  Web:   http://www.cs.man.ac.uk/~chl
Voice/Fax: +44 161 437 4506      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9     Fingerprint: 73 6D C2 51 93 A0 01 E7  65 E8 64 7E 14 A4 AB A5
