The Guardian
Richard Johnson
rdump@river.com
Thu, 30 Sep 1999 08:29:23 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> On Thu, 30 Sep 1999, Werner Koch wrote:
> Can someone please explain what the Guardian is?
At 02:59 -0600 on 9/30/99, Benoit Rigaut wrote:
> See http://www.networksolutions.com/help/registration/guardian.html .
> Gardian summarizes the 3 levels of protection available to reach your NIC
> records.
>
> MAIL-FROM
> Description: Changes come from a registered e-mail address
>
> Encrypted password (CRYPT-PW)
> Description: Changes are sent with a registered, encrypted password
>
> Pretty Good Privacy (PGP)
> Description: A PGP key is used to sign and authenticate registration
> changes
>
> See http://www.networksolutions.com/guardian/pgp.html for more about the
> use of PGP with NetworkSolutions' mail server.
The Guardian protection applies to Contact records, and is used to
authenticate changes requested by those contacts to Domain records among
others.
In the real world, Network Solutions doesn't really understand PGP. Here are
some caveats:
1) Send your key in to their key server periodically. They sometimes forget
about keys they already have (they choose to not obtain keys from a global
key server). If they have forgotten about your key, they will send you an
error message that only indicates that the key you specified is not valid.
2) They will not discover the key ID used by reading the PGP packets, the way
everyone else uses PGP. Instead, you must place the key ID in the auth info
field. If you typo the ID, they will send you an error message that only
indicates that the key you specified is not valid.
3) Don't even think of doing PGP/MIME signing. If you use PGP/MIME, they
will send you an error message that only indicates that the key you specified
is not valid.
4) Sometimes they just send you an error message that only indicates that the
key you specified is not valid because they feel like doing so.
In the end, any problems they have with gnupg keys will be difficult to debug
because of their insane use of PGP and their worthless error reporting.
Richard
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: www.europarl.eu.int/dg4/stoa/en/publi/166499/execsum.htm
iQA/AwUBN/NztWKSuJuuNAZUEQJkNgCdFtaCEdCYtNx6s8v1ctT+YhO+7UgAn05v
qJz8YfPQfK7NPSSbXJzSTRjS
=meDS
-----END PGP SIGNATURE-----