The Guardian

Richard Johnson rdump@river.com
Thu, 30 Sep 1999 08:29:23 -0600


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> On Thu, 30 Sep 1999, Werner Koch wrote:
> Can someone please explain what the Guardian is?
At 02:59 -0600 on 9/30/99, Benoit Rigaut wrote:
> See http://www.networksolutions.com/help/registration/guardian.html .
> Gardian summarizes the 3 levels of protection available to reach your NIC
> records.
>
> MAIL-FROM
> Description: Changes come from a registered e-mail address
>
> Encrypted password (CRYPT-PW)
> Description: Changes are sent with a registered, encrypted password
>
> Pretty Good Privacy (PGP)
> Description: A PGP key is used to sign and authenticate registration
> changes
>
> See http://www.networksolutions.com/guardian/pgp.html for more about the
> use of PGP with NetworkSolutions' mail server.
The Guardian protection applies to Contact records, and is used to authenticate changes requested by those contacts to Domain records among others. In the real world, Network Solutions doesn't really understand PGP. Here are some caveats: 1) Send your key in to their key server periodically. They sometimes forget about keys they already have (they choose to not obtain keys from a global key server). If they have forgotten about your key, they will send you an error message that only indicates that the key you specified is not valid. 2) They will not discover the key ID used by reading the PGP packets, the way everyone else uses PGP. Instead, you must place the key ID in the auth info field. If you typo the ID, they will send you an error message that only indicates that the key you specified is not valid. 3) Don't even think of doing PGP/MIME signing. If you use PGP/MIME, they will send you an error message that only indicates that the key you specified is not valid. 4) Sometimes they just send you an error message that only indicates that the key you specified is not valid because they feel like doing so. In the end, any problems they have with gnupg keys will be difficult to debug because of their insane use of PGP and their worthless error reporting. Richard -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.1 Comment: www.europarl.eu.int/dg4/stoa/en/publi/166499/execsum.htm iQA/AwUBN/NztWKSuJuuNAZUEQJkNgCdFtaCEdCYtNx6s8v1ctT+YhO+7UgAn05v qJz8YfPQfK7NPSSbXJzSTRjS =meDS -----END PGP SIGNATURE-----