Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site gatech.UUCP
Path: utzoo!watmath!clyde!bonnie!akgua!gatech!spaf
From: spaf@gatech.UUCP (Gene Spafford)
Newsgroups: net.news.stargate
Subject: Re: how to verify an article's submitter
Message-ID: <12250@gatech.UUCP>
Date: Thu, 28-Feb-85 18:54:27 EST
Article-I.D.: gatech.12250
Posted: Thu Feb 28 18:54:27 1985
Date-Received: Fri, 1-Mar-85 09:57:47 EST
References: <462@aquila.noao.UUCP> <12022@gatech.UUCP> <439@spp2.UUCP>
Reply-To: spaf@gatech.UUCP (Gene Spafford)
Organization: The Clouds Project, School of ICS, Georgia Tech
Lines: 59

In article <439@spp2.UUCP> jhull@spp2.UUCP (Jeff Hull) writes:
> ...[introductory remarks -- refer to the original.]
>I can't prevent you from leaving your checkbook lying around with
>signed but otherwise blank checks in it either.  But if I find it,
>fill one of the checks out & cash it, you have no legal recourse
>against me.  I think the same principle applies here.

If you write in an amount to those checks and cash them, you are
breaking the law.  Which law depends on where and how you do it,
but it still is not kosher.

That doesn't matter, though, in my example.  My example was more like
leaving a copy of my signature around and someone forged it to
something I didn't write.  Even if I protect my digital signature in
a file, that doesn't guarantee that someone won't get into my account
and use it.  Or break it.  Or read through kmem after I've used it
and find it.

>Second,
>>Sorry.  Digital signature protocols generally assume that (at least)
>>the identity of the sender or the privacy of the key are a given.
>>We have a situation where both are not secure.  That turns the
>>situation into one that is much more difficult to deal with.
>
>I think we have a slightly different situation than the one Gene
>envisions.  I think the net at large can leave to the individual sites
>the problem of dealing with individual users at each site.  Presumably
>the security needs of TRW are different than those of someone
>accessing the net from his home computer.
>

Exactly.  The situation with home computers is much harder to regulate
and enforce some form of validated cryptosignature to be applied to
postings.  As far as leaving it up to the sites, the administrators
of most sites are not any more competent than their users.  Sometimes
they are considerably less competent.

>If (the legal eagles think the net/satellite carrier can afford to)
>set the limit of the net's concern for liability to the originating
>site & let the site worry about the local user base, then we have a
>situation where the identity of the originator is known.  And system
>administrators can be required to properly handle encryption keys.
>(BTW, I envision keys being changed frequently [daily? more often?]
>and the key files themselves being encrypted a la /etc/passwd.  Key
>updates being passed between sites using keys that are never stored
>in digital form.  etc.  Complete details on request.  If we ever get
>that far.)

Geez, we can't even get sites to run B news or fix their faulty
software.  You think they're going to bother changing keys daily?
Even twice a year is perhaps a little too optimistic.  And there
would be too many people who would have to be "trusted" in such a
distribution scheme to make it work in a simple (or appropriate)
manner.

The idea of digital signatures is nifty, but the reality just doesn't
match up with the real-world needs of the net.
-- 
Gene "5 months and counting" Spafford
The Clouds Project, School of ICS, Georgia Tech, Atlanta GA 30332
CSNet:  Spaf @ GATech          ARPA:  Spaf%GATech.CSNet @ CSNet-Relay.ARPA
uucp:   ...!{akgua,allegra,hplabs,ihnp4,linus,seismo,ulysses}!gatech!spaf