Signed headers (was Re: Evolution signatures)

darren chamberlain
Wed Aug 6 15:14:02 2003


* Thomas Sjögren <thomas at> [2003-08-06 08:22]
> On Wed, Aug 06, 2003 at 06:33:33PM +1000, Ben Finney wrote:
> > On 06-Aug-2003, Adrian 'Dagurashibanipal' von Bidder wrote:
> > > Currently, I should best just delete those headers before looking at a
> > > signed email - if I'm a serious paranoid, I should only look at the
> > > information that is signed and suspect everything else to be fake. Of
> > > course I don't do that...
> >
> > I don't see that any of these headers are a good target for signing.
> Since we already got Message-ID in the headers maybe something like a Host-ID
> (think SSH) could help. The Host-ID could then be included in
> your public key as a comment and be used like any other public key.

Would that be host-id of the sender's machine, or the mailhost, or one
of the servers along the way?  The only one that makes sense (to me) is
the hostid of the originating machine.  But, oops, wait, there's
firewalls in the way, so you can't check hostids.  Oh yeah, and I'm
sending this message from a kiosk in an internet cafe, and er, I almost
forgot, we have a farm of machines as a mailhost.

Not that I disagree with you, though -- I think a hostid should be part
of each Received header, which should be verified on a host-by-host
basis (i.e., each successive host in the path verifies the key of the
host that contacted it), perhaps with an ever growing checksum of those
hostids that each machine along the way verifies and then appends to
(such that a machine could verify the checksum for each set of received
headers).  But that's just my take on it. ;)


-- 
Capitalism interprets regulation as damage, and routes around it.
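The chained-checksum idea from the last paragraph of the message above, as an added illustration rather than code from the thread: each hop records a host id and a digest chained on the previous hop's digest, and a verifier walks the Received headers from oldest to newest recomputing the chain. The host ids, header text and the `hostid=`/`chain=` fields are constructed for this example.

```python
import hashlib
import re

# Constructed header layout for the example: each hop appends its host id and a
# digest chained on the digest left by the hop that handed it the message.
HOP_RE = re.compile(
    r"^Received: (?P<text>.*); hostid=(?P<hostid>\S+); chain=(?P<chain>[0-9a-f]{64})$"
)

def chain_digest(prev: str, hostid: str, text: str) -> str:
    """Digest over the previous hop's digest, this hop's id and its Received text."""
    return hashlib.sha256(f"{prev}\n{hostid}\n{text}".encode()).hexdigest()

def add_hop(headers: list, hostid: str, text: str) -> list:
    """Simulate an MTA prepending its Received header (newest first, as in mail)."""
    prev = HOP_RE.match(headers[0])["chain"] if headers else ""
    chain = chain_digest(prev, hostid, text)
    return [f"Received: {text}; hostid={hostid}; chain={chain}"] + headers

def verify_chain(headers: list):
    """Recompute every link from the oldest hop up. Returns the list of host ids
    in delivery order when every digest matches, or None on the first broken link.
    Without a per-host key this is only a consistency check: a hop that rewrites
    everything below it and recomputes the digests is not detected, which is why
    the post pairs it with each host verifying the key of the host contacting it."""
    prev, path = "", []
    for line in reversed(headers):
        m = HOP_RE.match(line)
        if m is None or chain_digest(prev, m["hostid"], m["text"]) != m["chain"]:
            return None
        path.append(m["hostid"])
        prev = m["chain"]
    return path

def build_sample() -> list:
    """Three constructed hops; names are made up."""
    hdrs = add_hop([], "host-a", "from kiosk.example (10.0.0.7) by mx1.example with ESMTP")
    hdrs = add_hop(hdrs, "host-b", "from mx1.example by relay.example with ESMTP")
    return add_hop(hdrs, "host-c", "from relay.example by mail.example.net with ESMTP")

def edit_oldest_hop(headers: list) -> list:
    """A later edit to the first hop's text without recomputing the digests."""
    return headers[:-1] + [headers[-1].replace("kiosk.example", "desktop.example")]

if __name__ == "__main__":
    print(verify_chain(build_sample()))            # ['host-a', 'host-b', 'host-c']
    print(verify_chain(edit_oldest_hop(build_sample())))  # None
```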