ietf-openpgp
[Top] [All Lists]

Re: draft-ietf-usefor-article-04.txt: 6.21.3 considered harmful.

2001-04-16 14:42:55
Brad Templeton <brad(_at_)templetons(_dot_)com> writes:
On Mon, Apr 16, 2001 at 02:07:07PM -0700, Russ Allbery wrote:

This depends rather heavily on the context.  What you say is true for
some applications (like control messages) and not true for others (like
official announcements from some entity or another that are posted to
Usenet).  At the worst, what it means that one has to include the
important information that should be authenticated by the signature,
such as the date and the author, in the body of the message.  Quite
frequently for things like announcements this is done as a matter of
course anyway.

Yes, but manual verification of signatures is of dubious value.

That seems to be a non-sequitur.  It's certainly possible to automatically
verify a multipart/signed message.  Some news readers and many mail
readers already do this.

For digital signature authentication to work properly, it is
unfortunately necessary that all messages in a class be signed, and that
the presence of an unsigned or improperly signed message be a major
anomaly which gets a fair bit of attention, or which is in fact
forbidden.

You're solving a different problem than I'm talking about.  For occasional
use for important announcements, the multipart/signed protocol works just
fine.  I understand that you're trying to solve the problem of fully
authenticated message streams, which I agree is an interesting theoretical
problem.  I don't expect to see such a thing show up on Usenet soon,
however, since most people currently using Usenet don't really have much
use for it.

*shrug*  I know you care more about it than I do, and I may be
underestimating the demand.

People have been able to sign article bodies for some time.  It's not
widely used and it's really not very useful.

It does, however, have the advantage of actually being deployed, working,
and standardized.  The sort of signature system that you're describing
would be more useful for some applications than multipart/signed, I agree,
should someone eventually write it and standardize it.

Making it work well within MIME would be quite difficult, as we've already
established in some of the previous rounds of discussion on that topic.

-- 
Russ Allbery (rra(_at_)stanford(_dot_)edu)             
<http://www.eyrie.org/~eagle/>