Signed headers (was Re: Evolution signatures)

darren chamberlain dlc@users.sourceforge.net
Wed Aug 6 22:12:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* Thomas Sj=C3=B6gren <thomas at northernsecurity.net> [2003-08-06 15:17]=
:
> > But, oops, wait, there's firewalls in the way, so you can't check
> > hostids.
>=20
> I can verify your mail signature and i'm behind a firewall. Oops,
> according to you that isn't possible. Is it magic?! No, it's public
> key crypto!  (and please _don't_ mind the troll:)

Good point.  I was thinking more along the lines of SSH-style host
keys, rather than PGP-style.

> > Not that I disagree with you, though -- I think a hostid should be
> > part of each Recieved header, which should be verified on a
> > host-by-host basis (i.e., each successive host in the path verifies
> > the key of the host that contacted it), perhaps with an ever growing
> > checksum of those hostids that each machine along the way verifies
> > and then appends to (such that a machine could verify the checksum
> > for each set of recieved headers).  But that's just my take on it.
> > ;)
>=20
> ... or a similar system that exists for GPG/PGP public keys could be
> used, but instead of personal public keys we distribute host public
> keys to verify the host-id in the headers.

This seems to imply that the host's keys would exist in the WoT -- but
how (why?) would you sign a host's key, as opposed to a persons key?
It's trivial for a sysadmin to replace one host's key with another.

(darren)

- --=20
An error on your own is safer than ten truths accepted on faith,
because the first leaves you the means to correct it, but the second
destroys your capacity to distinguish truth from error.
    -- Ayn Rand
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: This message is digitally signed and can be verified for authent=
icity.

iD8DBQE/MWCSzsinjrVhZaoRAtEYAJ9KYj+oEyXFmrjhjs4Au9lu8FilgACgoUxB
XwZVEEmHSCvk+1j+A2J77n8=3D
=3DjraX
-----END PGP SIGNATURE-----