El mi�rcoles, 5 novi, 2003, a las 23:57 Europe/Madrid, Noel J. Bergman escribi�:
I think the moment is coming where we should think about using those interesting GPG keys for something more than "just" signing releases.
S/MIME certificates are acquired, e.g., from Thawte, just as you would an
SSL certificate. There are root Certificate Authorities, just as for HTTPS.
Any good mail client has built-in support. Thawte certificates are free,
although they have limited verification until you start to get signed by
Thawte notaries (another web-of-trust concept).
enigmail for mozilla uses pgp/gpg as infrastructure, in essentially the same way. Other clients support also this scheme.
Messages can be signed either as S/MIME or with the ---BEGIN PGP ... markers in ASCII messages.
Is there any way, for instance, to allow messages signed by Apache committers to pass through to any public Apache list unmoderated?
How do you propose getting a critical mass of signed mail, and what do you
want to do in the meantime with unsigned mail from a subscriber?
Making life easier for people using them and more difficult for people not using them.
Actually, I am exploring the concept, I expected some expert to come out and say "Actually, project XYZ in sourceforge does a variant of this, only much better" :-)
The mail server would need everyone's public key to verify the signatures.
This looks simple enough, at least for people signing releases. They are already in the pgp/gpg infrastructure. Any key in the Apache web of trust could be initially allowed. Possibly plus any X.509 certificate from reasonable authorities, until/unless they are banned for bad behavior (i.e. innocent until proved otherwise).
But how does that solve the problem? Are you going to require *ALL* messages to be signed?
The initial "prize" would be something like you don't need to subscribe or wait moderation to send, and you can read via news. Also, you can send from any account if you send a signed message. And, of course, we should have a policy on allowing certain forms of signed messages to Apache lists. Signatures could either be removed at the list server (and substituted by a Header) or kept in.
Mind you, I've been saying for years that, because of spam, e-mail anonymity
is going to die. All messages will be required to be digitally signed, or
will be considered spam a priori. So your view does not bother me in the
slightest, but other people consider that there is a right to send anonymous
e-mail. I agree. I'd just mark it as spam. But until S/MIME is the
accepted norm, rather than the exception, I don't see that it offers a
solution.
It looks like a chicken and egg problem. But as we get having Apache identities and a web of trust for signing releases and the like, we could actually encourage signed mail, for instance allowing it pass through moderation in any Apache list. This could encourage quite a few people outside Apache to use it for occasional bug reports and the like.
More thinking needed.
--- Noel
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
