
FAQ: Better living through forgery


Computer User

Jun 10, 1995, 3:00:00 AM
IN A FORGED MESSAGE ta...@uunet.uu.net (David C Lawrence) wrote:
> Anonymous netnews without "anonymous" remailers
>

This is terrible! In good ol' times, the ones who could forge at least
had to figure out what was RFC977, be able to write perl or shell or
expect scripts (whatever you like) and find an IHAVE-friendly server.
These people at least were educated enough to understand that they have
some responsibility. Now you post it to news.newusers.questions with all
scripts. Guess what will happen. Guess what will happen to news.??.net,
asshole.

YOU ARE A FUCKHEAD IRRESPONSIBLE MOTHERFUCKING BASTARD, FORGER!

Will Spencer

Jun 10, 1995, 3:00:00 AM

Ever wonder who you are flaming???

David C. Lawrence is the moderator of news.announce.newgroups, the
ultimate arbiter and auditor of RFD/CFV/Newgroup-Rmgroup procedures on
mainstream hierarchies, and thus the de-facto czar of mainstream
Usenet. Basically, in news.*, misc.*, soc.*, talk.*, comp.*, and sci.*,
he is the one who determines authoritatively what is and what is not a
valid newsgroup.

--
/* Will Spencer / Voyager : The advancement and diffusion */
/* Member: TNO, The New Order : of knowledge is the only */
/* alt.2600/#hack FAQ Editor : guardian of true liberty. */
/* Writer, poet, hacker, human : -- James Madison */

David C Lawrence

Jun 10, 1995, 3:00:00 AM
Anonymous netnews without "anonymous" remailers

Inspired by the recent "NetNews Judges-L" events, this file has been updated
to cover forging control messages. It is being posted periodically to address
the increasing trend of "how do I fake news?" questions from the lamers, and
the revelation that anonymous remailers are UNSAFE. In addition to anonymous
posting, you can also do your own article canceling and create and destroy your
own newsgroups using the information presented here.

Save any news article to a file. We'll call it "hak" in this example.

Edit "hak", and remove any header lines of the form

From some!random!path!user (note: "From ", not "From: " !!)
Article:
Lines:
Xref:

Shorten the Path: header down to its LAST two or three "bangized" components.
This is to make the article look like it was posted from where it really was
posted, and originally hit the net at or near the host you send it to. Or
you can construct a completely new Path: line to reflect your assumed alias.

Make some change to the Message-ID: field, that isn't likely to be duplicated
anywhere. This is usually best done by adding a couple of random characters to
the part before the @, since news posting programs generally use a fixed-length
field to generate these IDs.

Change the other headers to say what you like -- From:, Newsgroups:,
Sender:, etc. Replace the original message text with your message. If you are
posting to a moderated group or posting a control message, remember to put in
an Approved: header to bypass the moderation mechanism.

To specifically cancel someone else's article, you need its message-ID. Your
message headers, in addition to what's already there, should also contain the
following with that message-ID in it. This makes it a "control message".
NOTE: control messages generally require an Approved: header as well, so
you should add one.

Subject: cmsg cancel <xb8...@twits.site.com>
Control: cancel <xb8...@twits.site.com>
Approved: lu...@twits.site.com

Newsgroups are created and destroyed with control messages, too. If you
wanted to create, for instance, comp.misc.microsoft.sucks, your control
headers would look like

Subject: cmsg newgroup comp.misc.microsoft.sucks
Control: newgroup comp.misc.microsoft.sucks

Add on the string "moderated" at the end of these if you want the group to
be "moderated with no moderator" as with alt.hackers. Somewhere in the
body of your message, you should include the following text, changed with
the description of the group you're creating:

For your newsgroups file:
comp.misc.microsoft.sucks We don't do windows

To remove a group, substitute "rmgroup" for "newgroup" in the header lines
above. Keep in mind that most sites run all "rmgroup" requests through
a human news-master, who may or may not decide to honor it. Group creation
is more likely to be automatic than deletion at most installations. Any
newsgroup changes are more likely to take effect if they come from me, since
my name is hardwired into many of the NNTP control scripts, so using the
From: and Approved: headers from this posting is recommended.

Save your changed article, check it to make sure it contains NO reference
to yourself or your own site, and send it to your favourite NNTP server that
permits transfers via the IHAVE command, using the following script:

=======================
#! /bin/sh
## Post an article via IHAVE.
## args: filename server

if test "$2" = "" ; then
echo usage: $0 filename server
exit 1
fi
if test ! -f $1 ; then
echo $1: not found
exit 1
fi

# suck msg-id out of headers, keep the brackets
msgid=`sed -e '/^$/,$d' $1 | egrep '^[Mm]essage-[Ii][Dd]: ' | \
sed 's/.*-[Ii][Dd]: //'`
echo $msgid

( sleep 5
echo IHAVE $msgid
sleep 5
cat $1
sleep 1
echo "."
sleep 1
echo QUIT ) | telnet $2 119
=======================

If your article doesn't appear in a day or two, try a different server.
They are easy to find. Here's a script that will break a large file
full of saved netnews into a list of hosts to try. Edit the output
of this if you want, to remove obvious peoples' names and other trash.

=======================
#! /bin/sh
FGV='fgrep -i -v'
egrep '^Path: ' $1 | sed -e 's/^Path: //' -e 's/!/\
/g' | sort -u | fgrep . | $FGV .bitnet | $FGV .uucp
=======================

Once you have your host list, feed it to the following script.

=======================
#! /bin/sh

while read xx ; do
if test "$xx" = "" ; then continue;
fi
echo === $xx
( echo open $xx 119
sleep 5
echo ihave IamS...@podunk.edu
sleep 4
echo .
echo quit
sleep 1
echo quit
) | telnet
done
=======================

If the above script is called "findem" and you're using csh, you should do

findem < list >& outfile

so that ALL output from telnet is captured. This takes a long time, but when
it finishes, edit "outfile" and look for occurrences of "335". These mark
answers from servers that might be willing to accept an article. This isn't a
completely reliable indication, since some servers respond with acceptance and
later drop articles. Try a given server with a slightly modified repeat of
someone else's message, and see if it eventually appears.

Sometimes the telnets get into an odd state, and freeze, particularly when
a host is refusing NNTP connections. If you manually kill these hung telnet
processes but not the main script, the script will continue on. In other
words, you may have to monitor the finding script a little while it is
running.

You will notice other servers that don't necessarily take an IHAVE, but
say "posting ok". You can probably do regular POSTS through these, but they
will add an "NNTP-Posting-Host: " header containing the machine YOU came from
and are therefore unsuitable for completely anonymous use.

We maintain an IHAVE-friendly host right here -- news.uu.net. Feel free
to test these scripts through our server.

PLEASE USE THE INFORMATION IN THIS ARTICLE FOR CONSTRUCTIVE PURPOSES ONLY.


Michael Shields

Jun 11, 1995, 3:00:00 AM
In article <will.802830123@rainbow>,
Will Spencer <wi...@rainbow.rmii.com> wrote:
> Ever wonder who you are flaming???
>
> David C. Lawrence is the moderator of news.announce.newgroups, the

I don't see a sequitur here.
--
Shields.

Peter Vorobieff

Jun 11, 1995, 3:00:00 AM
In article <will.802830123@rainbow>, wi...@rainbow.rmii.com spake thusly:

>
> Us...@127.0.0.1 (Computer User) writes:
> >IN A FORGED MESSAGE ta...@uunet.uu.net (David C Lawrence) wrote:
> >> Anonymous netnews without "anonymous" remailers
> >>
> >This is terrible! [snip]

>Ever wonder who you are flaming???
>
>David C. Lawrence is the moderator of news.announce.newgroups, the

[snip]

YHBT. HAND.
--
Thus spake Kalmoth the Vile, Slayer of One Robot and Seven Pigs.
DISCLAIMER: Opinions expressed in the article above, if any, are channeled from
the Fungi of Yuggoth and do not necessarily represent the views of
my other employers.


Daniel Hartung

Jun 11, 1995, 3:00:00 AM
Will Spencer <wi...@rainbow.rmii.com> wrote:
> Us...@127.0.0.1 (Computer User) writes:
> >IN A FORGED MESSAGE ta...@uunet.uu.net (David C Lawrence) wrote:
> >> Anonymous netnews without "anonymous" remailers
> >>
> >This is terrible! In good ol' times, the ones who could forge at least
[snip]

> >YOU ARE A FUCKHEAD IRRESPONSIBLE MOTHERFUCKING BASTARD, FORGER!
>
>Ever wonder who you are flaming???
>
>David C. Lawrence is the moderator of news.announce.newgroups, the
>ultimate arbiter and auditor of RFD/CFV/Newgroup-Rmgroup procedures on
>mainstream hierarchies, and thus the de-facto czar of mainstream
>Usenet. Basically, in news.*, misc.*, soc.*, talk.*, comp.*, and sci.*,
>he is the one who determines authoritatively what is and what is not a
>valid newsgroup.

Uh, for your benefit, here is the message ID from the
Better Living thru Forgery "FAQ":

>Message-ID: <StUPi...@uunet.uu.net>

--
Daniel A. Hartung | Usenet now has an Arts/Humanities hierarchy!
dhar...@mcs.com |
dhar...@chinet.chinet.com | Look for "humanities.misc" at your site soon!
http://www.mcs.net/~dhartung/ |

Marina Chong

Jun 11, 1995, 3:00:00 AM
wi...@rainbow.rmii.com (Will Spencer) wrote:

> Us...@127.0.0.1 (Computer User) writes:
> >IN A FORGED MESSAGE ta...@uunet.uu.net (David C Lawrence) wrote:
> >> Anonymous netnews without "anonymous" remailers
> >>

[snip]

> >YOU ARE A FUCKHEAD IRRESPONSIBLE MOTHERFUCKING BASTARD, FORGER!

>Ever wonder who you are flaming???
>
>David C. Lawrence is the moderator of news.announce.newgroups, the
>ultimate arbiter and auditor of RFD/CFV/Newgroup-Rmgroup procedures on
>mainstream hierarchies, and thus the de-facto czar of mainstream
>Usenet. Basically, in news.*, misc.*, soc.*, talk.*, comp.*, and sci.*,
>he is the one who determines authoritatively what is and what is not a
>valid newsgroup.
>

For your info:

tale DID NOT write the original message. The address is *forged*.

The forger posted a nearly identical message some weeks ago.

"Computer user" was flaming the impersonator.

Hope that helps.

HAND.


--
Marina S Y Chong mar...@singnet.com.sg
-------------------------------------------------------------------------
Cults+Conspiracies+Scams+Crimes+Clams! What do these add up to?
Read alt.religion.scientology and find out!
Save the Rev! Support the Dennis Erlich Defense Fund
David Dennis' WWW page> http://amazing.cinenet.net/scientology.html
Ron Newman's WWW page> http://www.mit.edu:8001/people/rnewman/home.html
-------------------------------------------------------------------------


TomasZ

Jun 12, 1995, 3:00:00 AM
Man oh man...

I'm no saint, but some people...

Sheesh!

I strongly suggest that some people try to use a dictionary or thesaurus
to get their point across...

And some people wonder why the media is having a field day about the
Internet...

Regards,

-- Tom
tom...@aol.com

Rob J. Nauta

Jun 12, 1995, 3:00:00 AM
wi...@rainbow.rmii.com (Will Spencer) writes:

Us...@127.0.0.1 (Computer User) writes:
>IN A FORGED MESSAGE ta...@uunet.uu.net (David C Lawrence) wrote:
>> Anonymous netnews without "anonymous" remailers
>>

>This is terrible! In good ol' times, the ones who could forge at least

>had to figure out what was RFC977, be able to write perl or shell or
>expect scripts (whatever you like) and find an IHAVE-friendly server.
>These people at least were educated enough to understand that they have
>some responsibility. Now you post it to news.newusers.questions with all
>scripts. Guess what will happen. Guess what will happen to news.??.net,
>asshole.

>YOU ARE A FUCKHEAD IRRESPONSIBLE MOTHERFUCKING BASTARD, FORGER!

>Ever wonder who you are flaming???

>David C. Lawrence is the moderator of news.announce.newgroups, the
>ultimate arbiter and auditor of RFD/CFV/Newgroup-Rmgroup procedures on
>mainstream hierarchies, and thus the de-facto czar of mainstream
>Usenet. Basically, in news.*, misc.*, soc.*, talk.*, comp.*, and sci.*,
>he is the one who determines authoritatively what is and what is not a
>valid newsgroup.

And, he isn't the one that posted it. I guess the person using the abusive
language is trying to flame the anonymous user that forged the post, at
least he used the 'IN A FORGED MESSAGE' clause.

Rob
--
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
Rob J. Nauta r...@redwood.nl
REDWOOD Business Group B.V. Phone: +31-3404-31310
Princenhof Park 13 Telefax: +31-3404-30477
3972 NG DRIEBERGEN
The Netherlands

firebug

Jun 12, 1995, 3:00:00 AM
In article <will.802830123@rainbow>,
Will Spencer <wi...@rainbow.rmii.com> wrote:
> Us...@127.0.0.1 (Computer User) writes:
> >IN A FORGED MESSAGE ta...@uunet.uu.net (David C Lawrence) wrote:
> >> Anonymous netnews without "anonymous" remailers
> >>
> >YOU ARE A FUCKHEAD IRRESPONSIBLE MOTHERFUCKING BASTARD, FORGER!
>
>Ever wonder who you are flaming???

It seems that he is flaming the person that forged the message. In fact,
that seems *quite*clear*. Maybe before YOU flame someone, you should look at
what they said, instead of taking an opportunity to prove what a smart guy
you are.

>David C. Lawrence is the moderator of news.announce.newgroups, the
>ultimate arbiter and auditor of RFD/CFV/Newgroup-Rmgroup procedures on
>mainstream hierarchies, and thus the de-facto czar of mainstream
>Usenet. Basically, in news.*, misc.*, soc.*, talk.*, comp.*, and sci.*,
>he is the one who determines authoritatively what is and what is not a
>valid newsgroup.

Even if this was who he was flaming, I'd like you to take note of a few
things:
1) tale did not post that.
2) He clearly flamed the forger.
3) Just because tale is an Important Guy doesn't mean one should fear him,
were he to do something stupid like actually post that idiot's guide to
forgery.
4) rec.* and humanities.* also.
5) The people determine what is and what is not a valid newsgroup. A lot of
people trust tale to do that for them. But he has no "authoritative" power.
Like you said, he has de facto power. He can't decide that a group is a bad
idea, or that he doesn't like the outcome of a vote. It's not part of his
job, it's something that would piss people off, it would be quite dishonest.

In short, not one thing you said was accurate or relevant. You're quite the
smart guy, Will.

Scott A. Moore

Jun 12, 1995, 3:00:00 AM
I would not be stunned if the information in the posting was true. Several
of my knowledgeable friends have told me this is possible (I have better
things to do, personally).

But are the standards being updated to make this kind of nonsense
impossible (or more difficult) ? Requiring PGP signatures on control
messages would seem like a start....

[sam] (the real one)


Nathan J. Mehl

Jun 12, 1995, 3:00:00 AM
Will Spencer (wi...@rainbow.rmii.com) wrote in article <will.802830123@rainbow>:

: Ever wonder who you are flaming???
:
: David C. Lawrence is the moderator of news.announce.newgroups, the

BWAH HAH HAH HAH HAH HAH HAH!

Let's just say that even if I *didn't* know for a fact that Dave is
happily away on vacation right now, I still wouldn't have believed
for even a fraction of an instant that that post actually came from
him.

I suggest that you think for a second about the likelihood that a post
containing explicit instructions for usenet forgery would be posted
under the author's actual real name.

*sigh* Now all we need is for the bozos at SatelNET to turn those
scripts into a cgi form, and we can all officially give up on this
silly usenet idea.

Yeah, film at 11, I know, I know, I know...

--
-------{Nathan J. Mehl}--------------------{nm...@bbnplanet.com}-------|
| Will sell soul for date with PJ Harvey. Inquire within. |
|If you think I speak for my employer, they'll be happy to correct you.|
|-------------{http://ccat.sas.upenn.edu/nmehl/home.html}---------------

The BOB(c)

Jun 12, 1995, 3:00:00 AM
Scott A. Moore (s...@ccnet.com) spake unto us, saying:

: I would not be stunned if the information in the posting was true. Several
: of my knowledgeable friends have told me this is possible (I have better
: things to do, personally).

It does work and is useful for a number of reasons other than forgery.
For instance, you can increase your propagation by submitting an
article to several different sites at the same time.

One should note that most newsservers that accept articles via IHAVE do
keep a log of connections. This means that there is a record of what you
have done. The question is: Will someone look at it?


The BOB(c)
--
Y O U C A N Q U O T E M E O N T H A T Andrew S. Damick
Dave Hayes once did say, "If it's only -your- computer, then I
think you can do what you want." alt.fan.the-bob ishereandnow
Andrew S. Damick Y O U C A N Q U O T E M E O N T H A T

Wednesday

Jun 12, 1995, 3:00:00 AM
In article <3rhijd$9...@taco.cc.ncsu.edu>,
The BOB(c) <asda...@unity.ncsu.edu> wrote:
>Scott A. Moore (s...@ccnet.com) spake unto us, saying:
>
>: I would not be stunned if the information in the posting was true. Several
>: of my knowledgeable friends have told me this is possible (I have better
>: things to do, personally).
>
>It does work and is useful for a number of reasons other than forgery.
>For instance, you can increase your propagation by submitting an
>article to several different sites at the same time.

Additionally, it provides a fairly reliable means of anonymous posting
to those unwilling to deal with the severe load problems of anon.penet.fi,
the technical morass of the cypherpunk mailers, and the lag problems
associated with telnettable anonymous servers. I am thinking mainly in
terms of the service this script could provide to members of the abuse-
trauma-related support and recovery newsgroups, especially in the face of
one of our primary anonymous account servers going down and another
suffering frequent technical difficulties. The script will probably be
included in the anonymous posting instructions section of the alt.abuse.
transcendence FAQ when I have a chance to deal with it.

>One should note that most newsservers that accept articles via IHAVE do
>keep a log of connections. This means that there is a record of what you
>have done. The question is: Will someone look at it?

This is, however, the question one must ask of any anonymous posting system.
There is no 100% safe way to mask one's identity in this matter, barring
hacking your point-of-entry account in the first place (at which point one
faces legal questions).

-- -- wedn...@tezcat.com -- http://www.tezcat.com/~wednsday -- --
You are sentimental. You are passionate. You are actually FUN. You are
wistful. You are scarred. You are, in a philosophic sort of way, beautiful.
-- -- -- -- -- -- -- -- -- -- - Andrew S. Damick - --

Lars Marowsky-Bree

Jun 12, 1995, 3:00:00 AM

-----BEGIN PGP SIGNED MESSAGE-----


I think we should better look into PGP approved control messages _NOW_.

Now, here we have it - a forged troublemaker, no THE forged troublemaker.
Sure, there is little to no news in this for the more intelligent and longer
participants of the Net. But I would expect this to get us a lot of
cancelled messages. Perhaps this has a good side, too, namely showing just
how vulnerable UseNet is to idiots. But I don't think this outweighs the
disadvantages, i.e. every 'Stupid Fuck' (to quote the message id) is now able
to, and WILL, cancel messages, create groups and rm them.

Now, could someone please do a path comparison to check where this spam came
from?


Lars Marowsky-Bree Voice: +49-571-63663 PGP-key avail. via server
HomePage: http://www.teuto.de/~lmb Mail: l...@pointer.in-minden.de
PGP fingerprint: CF FC 3A F0 86 F1 D3 EB 79 8A CF 75 4F 4C 81 DF
> pleasure and pain - often the same <


Mahesh Ramachandran

Jun 12, 1995, 3:00:00 AM

In article <3rerpr$j...@lantana.singnet.com.sg>, mar...@singnet.com.sg (Marina
Chong) writes:
>
> For your info:
>
> tale DID NOT write the original message. The address is *forged*.
>

ummm, i was under the impression that tale had been posting this
every month. wrong? i have been seeing this posting since sometime
last october. mebbe tale is really concerned about the health of
netizens. ;-)

-rr


--

Russ Allbery

Jun 12, 1995, 3:00:00 AM
Mahesh Ramachandran <r...@eel.ufl.edu> writes:
>
>ummm, i was under the impression that tale had been posting this
>every month. wrong?

Wrong, I'm afraid. Someone has been forging it every month. Of course, if
you're going to post a document like this, the obvious thing to do would be
to forge it, and the obvious person to forge would be Tale. I'm sure that
the author couldn't resist.

It would help if Uunet would make its news server a bit less open. I'm not
sure I understand the reasoning behind their current policy. (Common
carrier status, perhaps?)

--
Russ Allbery (r...@cs.stanford.edu) http://www-leland.stanford.edu/~rra/


Stephen Boursy

Jun 13, 1995, 3:00:00 AM
In article <DA2pM...@pointer.in-minden.de>,
Lars Marowsky-Bree <l...@pointer.in-minden.de> wrote:
>
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
> I think we should better look into PGP approved control messages _NOW_.
>
>Now, here we have it - a forged troublemaker, no THE forged troublemaker.
>Sure, there is little to no news in this for the more intelligent and longer
>participants of the Net. But I would expect this to get us a lot of
>cancelled messages. Perhaps this has a good side, too, namely showing just
>how vulnerable UseNet is to idiots. But I don't think this outweighs the
>disadvantages, i.e. every 'Stupid Fuck' (to quote the message id) is now able
>to, and WILL, cancel messages, create groups and rm them.
>


What this demonstrates to me is that a forgery is a forgery. PGP
'approved' control messages won't help--who is to do the approval but a
small body of self appointed power freaks? The truth of the matter is
that while these instructions and the mindset behind them is
reprehensible the same is true of the so-called 'approved' forgeries. No
one has the right to forge a cancel of another message.

I've never noted a correlation between 'the more intelligent' and
the 'longer participants' on the usenet--quite the contrary in fact. It is
their desire for control that has led to this type of abuse as they
themselves have long been practicing it.

What this clearly demonstrates is the need for consumer
protection legislation and serious enforcement against forgery and
an end to frontier justice at the hands of a mob which clearly does
not work.


Steve

David Wright

Jun 13, 1995, 3:00:00 AM
In article <3rgka0$i...@ccnet.ccnet.com>, Scott A. Moore <s...@ccnet.com> wrote:
#But are the standards being updated to make this kind of nonsense
#impossible (or more difficult) ? Requiring PGP signatures on control
#messages would seem like a start....

This has been discussed recently on the moderators list, and some good
work has been done on it, but I'm not aware of any date for implementation.

Bear in mind that using PGP signatures on all control messages would be
impractical until almost all news sites update to a future news version
with support for it (read: never), but the approach could be used to
protect moderated news groups and perhaps to verify newgroup messages.

Regards,
David Wright, speaking as a member of, but not for
group-...@uunet.uu.net, a small advisory list that tale refers
people to for advice on newsgroup naming and votes.
d...@bnr.co.uk <or> d...@bnr.ca

Colin Douthwaite

Jun 13, 1995, 3:00:00 AM
Daniel Hartung (dhar...@MCS.COM) wrote:

: Uh, for your benefit, here is the message ID from the
: Better Living thru Forgery "FAQ":
:
: >Message-ID: <StUPi...@uunet.uu.net>

There were actually TWO postings. Did you think one was just a duplicate ?
I thought so at first.

Bye,

Michael Shields

Jun 13, 1995, 3:00:00 AM
[Bogus news.admin.policy and alt.current-events.net-abuse elided and
followups redirected.]

In article <3rhijd$9...@taco.cc.ncsu.edu>,
The BOB(c) <asda...@unity.ncsu.edu> wrote:
> It does work and is useful for a number of reasons other than forgery.
> For instance, you can increase your propagation by submitting an
> article to several different sites at the same time.

That's not an argument for a cookbook example of how to use telnet 119!
Increasing propagation is the job of the news servers.
--
Shields.

Zoli Fekete, keeper of hungarian-faq

Jun 13, 1995, 3:00:00 AM

But that job is often not done. Protecting from the abuse promoted by
the example is also the job of the server, and obviously uunet failed to
do that. I can't fathom why they leave posting open (while apparently
disabling the retrieval of article bodies)!
While submitting to several sites is not a good idea, sometimes
connecting to a remote server is a better (or the only) alternative to
posting locally - after all, your site may want to carry the group you
and the remote one both are interested in (and getting another feed just
for the sake of one group may not be practical). And 'telnet nntp' would be
neat for retrieving some articles from UUNET once they're gone from your
own server.

Zoli fek...@bc.edu (note my old full address @bcuxs2 is retired)
"For my assured failures and derelictions, I ask pardon beforehand of my
betters and my equals in my calling." - Rudyard Kipling


Lars Marowsky-Bree

Jun 13, 1995, 3:00:00 AM
Colin Douthwaite (Colin_Do...@equinox.gen.nz) wrote:

> : >Message-ID: <StUPi...@uunet.uu.net>
> There were actually TWO postings. Did you think one was just a duplicate ?
> I thought so at first.

Well yes, the second messageid was better. But take a look at the path...

pointer.in-minden.de!minden.in-minden.de!brolga.teuto.de!linteuto.teuto.de
!news.gun.de!news.hamburg.pop.de!nordwest.pop.de!informatik.uni-bremen.de
!cs.tu-berlin.de!zib-berlin.de!news.uni-ulm.de!rz.uni-karlsruhe.de!xlink.net
!howland.reston.ans.net!swrinde!elroy.jpl.nasa.gov!usc!news.cerf.net
!nntp2.cerf.net!bbs.ug.eds.com!ix.netcom.com!news.sesqui.net!nntpx.uu.net!tale

BTW, could somebody on the other side of the world please check this path? I
would like to know the largest common segment to track down the machine this
was posted via.

--

Lars Marowsky-Bree Voice: +49-571-63663 PGP-key avail. via server
HomePage: http://www.teuto.de/~lmb Mail: l...@pointer.in-minden.de

PGP-Id: 0xDAB57941 / CF FC 3A F0 86 F1 D3 EB 79 8A CF 75 4F 4C 81 DF
> So long, and thanks for all the fish! <

Rob J. Nauta

Jun 15, 1995, 3:00:00 AM
l...@pointer.in-minden.de (Lars Marowsky-Bree) writes:

>Colin Douthwaite (Colin_Do...@equinox.gen.nz) wrote:

I'm sorry for you German guys, you probably never get news the same day it's
posted ? 12 hops in Germany alone, is that all UUCP or does unido do NNTP
yet ? I heard Germany still doesn't allow 2400 modems and defines 1200 and
300 as the only allowable modems on the phone system, is that right :-)

I see news from UUnet passes through Dave's JPL and Netcom before going
to howland.reston.ans.net and via that to Europe, very interesting...

Rob
--
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
Rob J. Nauta r...@redwood.nl

NOTE: my opinions are strictly my own and not those of my employer

Seth Breidbart

Jun 15, 1995, 3:00:00 AM
Newsgroups: de-Boursified

In article <3rkt1c...@bhars12c.bnr.co.uk>,
David Wright <d...@bnr.co.uk> wrote:
>In article <3rgka0$i...@ccnet.ccnet.com>, Scott A. Moore <s...@ccnet.com> wrote:
>#But are the standards being updated to make this kind of nonsense
>#impossible (or more difficult) ? Requiring PGP signatures on control
>#messages would seem like a start....
>
>This has been discussed recently on the moderators list, and some good
>work has been done on it, but I'm not aware of any date for implementation.
>
>Bear in mind that using PGP signatures on all control messages would be
>impractical until almost all news sites update to a future news version

Why? Those who update could check messages, those who don't could
either only accept messages from sites they trust (who have updated)
or they could accept all messages (as now). Some sites would be
better off, nobody would lose. (And, to the extent it makes forgery
less effective, it might reduce the amount of forgery as well.)

>with support for it (read: never), but the approach could be used to
>protect moderated news groups and perhaps to verify newgroup messages.

Nope; even a small partial implementation would do some good.

Seth

Michael Shields

Jun 15, 1995, 3:00:00 AM
In article <DA4xv...@pointer.in-minden.de>,
Lars Marowsky-Bree <l...@pointer.in-minden.de> wrote:
> Well yes, the second messageid was better. But take a look at the path...
>
> BTW, could somebody on the other side of the world please check this path? I
> would like to know the largest common segment to track down the machine this
> was posted via.

From a site actually connected to uunet:

Path: tembel!uunet!europa.chnt.gtegsc.com!news.mathworks.com!
newshost.marcam.com!usc!howland.reston.ans.net!pipex!warwick!
news.dcs.warwick.ac.uk!hgmp.mrc.ac.uk!sunsite.doc.ic.ac.uk!susx.ac.uk!
news.bton.ac.uk!agate!ix.netcom.com!news.sesqui.net!nntp1.uu.net!tale

Compare to a true Path: from tale:

Path: tembel!uunet!tale
--
Shields.


Alex Hayward

Jun 17, 1995
In article <DA4xv...@pointer.in-minden.de> l...@pointer.in-minden.de (Lars Marowsky-Bree) wrote:

> Colin Douthwaite (Colin_Do...@equinox.gen.nz) wrote:
>
> > : >Message-ID: <StUPi...@uunet.uu.net>
> > There were actually TWO postings. Did you think one was just a duplicate ?
> > I thought so at first.
>
> !nntp2.cerf.net!bbs.ug.eds.com!ix.netcom.com!news.sesqui.net!nntpx.uu.net!tale
>
> BTW, could somebody on the other side of the world please check this path? I
> would like to know the largest common segment to track down the machine this
> was posted via.

I'm not exactly on the other side of the world, but in both copies the path I
got is the same up to ix.netcom.com. Strangely (?) enough, the paths of the
two messages are the same up to that point as well...

Path:u-net.com!uknet!uel!news.provo.novell.com!nntp.et.byu.edu!
netline-fddi.jpl.nasa.gov!elroy.jpl.nasa.gov!swrinde!pipex!warwick!
news.dcs.warwick.ac.uk!hgmp.mrc.ac.uk!sunsite.doc.ic.ac.uk!susx.ac.uk!
news.bton.ac.uk!agate!ix.netcom.com!news.sesqui.net!nntp1.uu.net!tale

for Message-ID: <StUPi...@uunet.uu.net>

and

Path:
hayward.u-net.com!u-net.com!uknet!uel!news.provo.novell.com!nntp.et.byu.edu!
gatech!howland.reston.ans.net!lamarck.sura.net!guvax.acc.georgetown.edu!
ix.netcom.com!news.sesqui.net!nntpx.uu.net!tale

for Message-ID: <nTTz0....@uunet.uu.net>

--
al...@hayward.u-net.com
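The comparison the posters above are doing by hand, written out as an added example in Go (not code from the thread): it takes copies of the same article's Path: header as received at different sites, reports the hops every copy shares counted from the right, and names the hop at which each copy diverges. The two paths embedded in it are the ones quoted above for the <StUPi...@uunet.uu.net> article; the reading of the result, that the shared tail was already in the header before either observing feed received the article, follows only from how Path: is built, each relay prepending its own name.

```go
package main

import (
	"fmt"
	"strings"
)

// Path headers for the <StUPi...@uunet.uu.net> article as quoted in the two
// posts above (Michael Shields' copy via tembel!uunet, Alex Hayward's copy
// via u-net.com). Every relay prepends its own name, so the leftmost hop is
// the newest and the rightmost ("tale") is the claimed poster.
var observedPaths = []string{
	"tembel!uunet!europa.chnt.gtegsc.com!news.mathworks.com!" +
		"newshost.marcam.com!usc!howland.reston.ans.net!pipex!warwick!" +
		"news.dcs.warwick.ac.uk!hgmp.mrc.ac.uk!sunsite.doc.ic.ac.uk!susx.ac.uk!" +
		"news.bton.ac.uk!agate!ix.netcom.com!news.sesqui.net!nntp1.uu.net!tale",
	"u-net.com!uknet!uel!news.provo.novell.com!nntp.et.byu.edu!" +
		"netline-fddi.jpl.nasa.gov!elroy.jpl.nasa.gov!swrinde!pipex!warwick!" +
		"news.dcs.warwick.ac.uk!hgmp.mrc.ac.uk!sunsite.doc.ic.ac.uk!susx.ac.uk!" +
		"news.bton.ac.uk!agate!ix.netcom.com!news.sesqui.net!nntp1.uu.net!tale",
}

// splitPath turns a Path: header value into its hop list. It tolerates a
// leading "Path:" label and the whitespace left behind by line wrapping.
func splitPath(p string) []string {
	p = strings.TrimPrefix(strings.TrimSpace(p), "Path:")
	p = strings.Join(strings.Fields(p), "")
	var hops []string
	for _, h := range strings.Split(p, "!") {
		if h != "" {
			hops = append(hops, h)
		}
	}
	return hops
}

// commonTail returns the longest run of hops, counted from the right, that
// every copy shares. Those hops were already in the header before the
// article reached any of the observing feeds; the hop immediately to their
// left in each copy is where the feeds diverge.
func commonTail(paths []string) []string {
	if len(paths) == 0 {
		return nil
	}
	hops := make([][]string, len(paths))
	for i, p := range paths {
		hops[i] = splitPath(p)
	}
	n := 0
	for n < len(hops[0]) {
		h := hops[0][len(hops[0])-1-n]
		agree := true
		for _, other := range hops[1:] {
			if n >= len(other) || other[len(other)-1-n] != h {
				agree = false
				break
			}
		}
		if !agree {
			break
		}
		n++
	}
	return hops[0][len(hops[0])-n:]
}

// divergence reports, per copy, the hop just left of the common tail: the
// first relay in that copy which the other copies do not confirm.
func divergence(paths []string) []string {
	n := len(commonTail(paths))
	var out []string
	for _, p := range paths {
		h := splitPath(p)
		if len(h) > n {
			out = append(out, h[len(h)-1-n])
		} else {
			out = append(out, "")
		}
	}
	return out
}

func main() {
	tail := commonTail(observedPaths)
	fmt.Printf("%d hops common to all copies, starting at %q\n", len(tail), tail[0])
	fmt.Println("copies diverge at:", divergence(observedPaths))
	// A genuine posting from tale reaching tembel carried "tembel!uunet!tale"
	// (from the post above), so in the first copy everything to the right of
	// "uunet" was already in the header when uunet received the article.
}
```

With more copies from more feeds the shared tail shrinks toward the hops that were genuinely in the header at injection time; with only two copies that share a long stretch of UK relays, all the tool can say is that the two feeds first agree at "pipex" and disagree on everything to its left.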

Kenneth Almquist

Jun 23, 1995
bou...@world.std.com (Stephen Boursy) writes:
> What this demonstrates to me is that a forgery is a forgery. PGP
> 'approved' control messages won't help--who is to do the approval but a
> small body of self appointed power freaks?

Cancel messages can be approved by the person who wrote the message being
cancelled. To implement this, include the public key of the originator
of each message in the message header. Require the cancel of a message
to be signed by the person who originated the message.

This can be made backward compatible. Make the public key optional; if
it is omitted then the signature on the cancel message is optional. Place
the signature in the message header rather than the body.

The main difficulties are legal: RSA is patented and cannot be legally
exported from the United States.
Kenneth Almquist

Stephen Boursy

Jun 25, 1995
In article <DAnFM...@nntpa.cb.att.com>,
Kenneth Almquist <k...@socrates.hr.att.com> wrote:
>bou...@world.std.com (Stephen Boursy) writes:
>>
>> What this demonstrates to me is that a forgery is a forgery. PGP
>> 'approved' control messages won't help--who is to do the approval but a
>> small body of self appointed power freaks?
>
>Cancel messages can be approved by the person who wrote the message being
>cancelled. To implement this, include the public key of the originator
>of each message in the message header. Require the cancel of a message
>to be signed by the person who originated the message.
>


That sounds very good--it would help end forgery and ensure
those issuing cancels are only doing so on their own posts.


Steve

Seth Breidbart

Jun 25, 1995
Newsgroups: partially de-boursified

In article <DA41A...@world.std.com>,
Stephen Boursy <bou...@world.std.com> wrote:

> What this demonstrates to me is that a forgery is a forgery. PGP
>'approved' control messages won't help--who is to do the approval but a
>small body of self appointed power freaks?

How little you understand. PGP will _prevent_ anybody from creating a
believable forgery.

> The truth of the matter is
>that while these instructions and the mindset behind them is
>reprehensible the same is true of the so-called 'approved' forgeries. No
>one has the right to forge a cancel of another message.

And nobody will. Under the new scheme, there will be signed messages
that say "I believe message <id> should be deleted". Those messages
will be signed by the person posting them. Hence, there will be no
forgery involved.

> I've never noted a coorelation between 'the more intelligent' and

Nobody here believes that you would recognize intelligence if it ran
screaming from you (which is quite likely, come to think of it).

> What this clearly demonstrates is the need for consumer
>protection legislation and serious enforcement against

adding bunches of Newsgroups: to the header

> forgery and

In case you haven't noticed, government banning doesn't prevent
something from happening.

Seth

Seth Breidbart

Jun 25, 1995
In article <3skuhb$1...@mark.ucdavis.edu>,
Albert Yang <sza...@rocky.ucdavis.edu> wrote:
>Seth Breidbart (se...@panix.com) wrote:

>: How little you understand. PGP will _prevent_ anybody from creating a
>: believable forgery.
>
>Since most of the PGP keys I've picked up off the MIT key server aren't
>signed by anybody (or only by themselves), what's to prevent somebody
>from creating a key for, say, Bill Clinton, signing it with that bogus
>key and a bogus Al Gore key, and then posting with a forged header?

Nothing. But nobody is going to cancel a message because "Bill
Clinton" said to, either, so I don't care.

(In any event, I'd expect their keys to be available from a
whitehouse.gov keyserver.)

Seth

Albert Yang

Jun 26, 1995
Seth Breidbart (se...@panix.com) wrote:
: Newsgroups: partially de-boursified

: In article <DA41A...@world.std.com>,
: Stephen Boursy <bou...@world.std.com> wrote:

: > What this demonstrates to me is that a forgery is a forgery. PGP
: >'approved' control messages won't help--who is to do the approval but a
: >small body of self appointed power freaks?

: How little you understand. PGP will _prevent_ anybody from creating a
: believable forgery.

Since most of the PGP keys I've picked up off the MIT key server aren't
signed by anybody (or only by themselves), what's to prevent somebody
from creating a key for, say, Bill Clinton, signing it with that bogus
key and a bogus Al Gore key, and then posting with a forged header?


--
Albert Yang | Q. What do you call an eigenvalue computed on
Internet: apy...@ucdavis.edu | the Pentium? A. An eigenerror.
-----------------------------------------------------------------------------
finger -l sza...@rocky.ucdavis.edu for PGP public key block

Russ Allbery

Jun 26, 1995
In news.admin.misc, Seth Breidbart <se...@panix.com> writes:
>
>Newsgroups: partially de-boursified

Newsgroups completely trimmed, with the possible exception of
comp.admin.policy (not sure if it's appropriate or not).

>How little you understand. PGP will _prevent_ anybody from creating a
>believable forgery.

Not until you solve the key management problem. Yes, it gives the news
server a possible way of establishing exactly who sent the control message,
but it's a lot more complex than it appears.

First, key checking is not a trivial operation, even when the public key is
available to do it. It isn't exactly *slow*, but doing it for every cancel
message is a serious processor drain.

The more serious problem is with key management -- in order to test the
validity of a control message, you need the person's public key. How do you
get that reasonably quickly? Not everyone uses the same keyserver, or makes
their key available in the same way. A key can also be easily created and
put on a keyserver under a false name. What about newbies cancelling
for-sale posts they posted; they now have to get PGP to do it? PGP doesn't
ship standard with Unix, and it isn't even available for many platforms that
can run news.

There are two standard ways to solve the key distribution problem: an
authoritative server and the web of trust. Having a central server that
authenticates keys goes against the entire spirit of Usenet, and how do you
propose to manage a web of trust so that a server in Mexico can know whether
a key originating in Norway is valid?

There are a *lot* of unsolved problems with switching to a PGP-based cancel
system. Now having individual spam-cancellers sign their cancel messages is
a far different idea than replacing the current cancel system, and in fact
would probably work. I gather NoCem is planning on starting a new control
message of some kind for this? (I should go research it a bit more.)

C. James Murphy

Jun 26, 1995

Somebody wrote:

>>The main difficulties are legal: RSA is patented and cannot be legally
>>exported from the United States.
>> Kenneth Almquist
>
>

You can get PGP if you look around. I got it from somewhere in Norway,
but you can try :

ftp: sable.ox.ac.uk
dir: /pub/crypto/pgp/pc/

You don't have any problems with the stupid USA export nonsense
because it's already out! Though the authorities are prosecuting the
fellow who wrote the program (PGP). They can't stand the idea that
people might be able to communicate without the government being able
to eavesdrop at their leisure. If you're interested, you might drop into
alt.security.pgp and lurk for a while. It's really interesting.

Jim Murphy

Oh, another neat trick, just to piss off the NSA and CIA eavesdropping
machines, which are supposedly filtering the postings and mail of
people the world over for certain word combinations, is to include
various words somewhere in your post. Something like: assassination,
bomb, nitrates, cocaine, kilos, feds, Kennedy, Clinton, etc.
There's a good chance some weenie will be reading this now, because a
computer flagged this posting. Go grab a donut pal.

John Stanley

Jun 28, 1995
In article <3sktbu$a...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>How little you understand. PGP will _prevent_ anybody from creating a
>believable forgery.

You assume too much.

PGP will only prevent forgeries (believable or otherwise) if everyone in
the world uses it for everything they distribute electronically.

Two examples where PGP doesn't do squat:

1. Someone forges something with my name on it with no PGP signature.
You can run your PGP forgery detector over it a million times and you
won't detect, or have prevented, the forgery.

2. Someone forges a PGP key for me and sends it to a key distribution
center. Then they forge an article and sign it with my forged key. Your
PGP forgery detector says "not a forgery".


John Stanley

Jun 28, 1995
In article <3squtg$c...@globe.indirect.com>,
Jason and Heather <stei...@indirect.com> wrote:

>John Stanley (sta...@skyking.OCE.ORST.EDU) wrote:
>> Two examples where PGP doesn't do squat:
>amazing how PGP doesn't work if you don't use it.

No, amazing how PGP doesn't work if either one of the parties doesn't
use it.

>> 2. Someone forges a PGP key for me and sends it to a key
>> distribution center. Then they forge an article and sign it with my
>> forged key. Your PGP forgery detector says "not a forgery".
>

>not if the person who wrote it knows anything about public key
>crypto it doesn't.

Well, let's assume that the person who wrote PGP knows "anything" about
public key crypto. That means that you think that running PGP on a
forged, signed article, using the forged public key that matches the
forged private key the article was signed with, will report that the
article is a forgery. Can you explain why this won't happen, given that
the author of PGP himself mentions this as a problem?


Steve Gilham

Jun 28, 1995
C. James Murphy (mur...@cadvision.com) wrote:

> Somebody wrote:

> >>The main difficulties are legal: RSA is patented and cannot be legally
> >>exported from the United States.
> >> Kenneth Almquist
> >
> >

> You can get PGP if you look around. I got it from somewhere in Norway,
> but you can try :

> ftp: sable.ox.ac.uk
> dir: /pub/crypto/pgp/pc/

> You don't have any problems with the stupid USA export nonsense
> because it's already out! Though the authorities are prosecuting the

Not only that, but the patents, being post-publication, aren't valid
outside the US either. However some countries (e.g. France) have made
use of strong crypto like PGP - even just for digital signatures -
illegal.

> Oh, another neat trick, just to piss off the NSA and CIA eavesdropping
> machines, which are supposedly filtering the postings and mail of
> people the world over for certain word combinations, is to include
> various words somewhere in your post. Something like: assassination,
> bomb, nitrates, cocaine, kilos, feds, Kennedy, Clinton, etc.
> There's a good chance some weenie will be reading this now, because a
> computer flagged this posting. Go grab a donut pal.

If you use emacs as an editing package, you can save effort by just
going Meta-x spook to get a randomly selected bunch of keywords like


Rule Psix radar bomb Honduras $400 million in gold bullion Peking
Noriega BATF Nazi FSF kibo genetic supercomputer fissionable spy


--
-- st...@windsong.demon.co.uk (home) ---- PGP keys available on keyservers --
Steve Gilham |GDS Ltd.,Wellington Ho. |Lives of great men all remind us
Software Specialist|East Road, Cambridge |We may make our lives sublime
steveg@ |CB1 1BH, UK |And departing, leave behind us
uk.gdscorp.com |Tel:(44)1223-300111x2904|Footprints in the sands of time.
Key fingerprint = 08 8A 67 70 6E 86 09 B4 38 0A BD C4 53 1C 88 99


Michael Cramer

Jun 28, 1995
John Stanley (sta...@skyking.oce.orst.edu) wrote:
: >> 2. Someone forges a PGP key for me and sends it to a key
: >> distribution center. Then they forge an article and sign it with my
: >> forged key. Your PGP forgery detector says "not a forgery".
: >
: >not if the person who wrote it knows anything about public key
: >crypto it doesn't.

: article is a forgery. Can you explain why this won't happen, given that
: the author of PGP himself mentions this as a problem?

You are forgetting one of the basic -- and crucial -- aspects of using PGP
effectively. If you don't have PROOF that a key is valid, then the only
information you can get from a PGP signature is the validity of the signature.
Just because the signature is valid does not mean the key is valid. There are
only two ways to tell whether a key is valid: 1) It is signed by someone you
trust not to sign fake keys. 2) You get it personally from the owner. A key
can be on every keyserver and signed by three hundred other keys, and you
still can't prove a thing about its owner unless you trust one or more of the
signatures.

--
Mike Cramer

Jason and Heather

Jun 28, 1995
John Stanley (sta...@skyking.OCE.ORST.EDU) wrote:
> Seth Breidbart <se...@panix.com> wrote:
> >
> >How little you understand. PGP will _prevent_ anybody from
> >creating a believable forgery.

> You assume too much.

> PGP will only prevent forgeries (believable or otherwise) if
> everyone in the world uses it for everything they distribute
> electronically.

> Two examples where PGP doesn't do squat:

> 1. Someone forges something with my name on it with no PGP
> signature. You can run your PGP forgery detector over it a million
> times and you won't detect, or have prevented, the forgery.

amazing how PGP doesn't work if you don't use it.

> 2. Someone forges a PGP key for me and sends it to a key
> distribution center. Then they forge an article and sign it with my
> forged key. Your PGP forgery detector says "not a forgery".

not if the person who wrote it knows anything about public key
crypto it doesn't.

jason

--
Lord, grant me the serenity to accept the things I cannot change, the
courage to change the things I can, and the wisdom to hide the bodies
of those people I had to kill because they pissed me off.
`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,`,` stei...@indirect.com `,`,`,`

Mike Schenk

Jun 28, 1995
Arnoud "Galactus" Engelfriet <gala...@stack.urc.tue.nl> writes in news.admin.policy,comp.admin.policy,comp.security.misc,misc.legal.computing,news.admin.misc,alt.activism,alt.censorship,alt.comp.acad-freedom.talk,alt.fan.speedbump,news.admin.net-abuse.misc:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <3sq69f$g...@gaia.ucs.orst.edu>,
>sta...@skyking.OCE.ORST.EDU (John Stanley) wrote:
>> Two examples where PGP doesn't do squat:
>>
>> 1. Someone forges something with my name on it with no PGP signature.
>> You can run your PGP forgery detector over it a million times and you
>> won't detect, or have prevented, the forgery.
>
>Unless of course you state in public that anything _without_ a valid
>signature *is* a forgery.

But why would anyone believe you?

Mike

Arnoud Galactus Engelfriet

Jun 28, 1995
-----BEGIN PGP SIGNED MESSAGE-----

In article <3sq69f$g...@gaia.ucs.orst.edu>,
sta...@skyking.OCE.ORST.EDU (John Stanley) wrote:
> Two examples where PGP doesn't do squat:
>
> 1. Someone forges something with my name on it with no PGP signature.
> You can run your PGP forgery detector over it a million times and you
> won't detect, or have prevented, the forgery.

Unless of course you state in public that anything _without_ a valid
signature *is* a forgery.

> 2. Someone forges a PGP key for me and sends it to a key distribution
> center. Then they forge an article and sign it with my forged key. Your
> PGP forgery detector says "not a forgery".

Why should anyone believe a key is mine just because my name is on it?

Galactus

****** To find out more about PGP, send mail with subject HELP PGP to me ******
[Press spacebar for signatures or 'n' for next article]

- --
****** To find out more about PGP, send mail with subject HELP PGP to me ******
E-mail: gala...@stack.urc.tue.nl - PGP encrypted please - Mail for info < >
Keyprint: DD FC 6F 05 C5 1C 86 B2 E7 3B 6A BD 06 CF E8 4E - ID 416A1A35 > <
"I'm the best there is at what I do. Though what I do isn't very nice!" ||


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAgUBL/GBjTyeOyxBaho1AQGlQQP/ZQppjC3GMUttpa3O4n+i+/eLjwFrqL5A
qv+CdQS9obj0AcLMAutW8r18j5dvHimHtkZK5DUY13N8VyyuSpDDRTX5WfYUPKhp
v3zXhl1YwURz+GiAOOswTzfl76DwkYGe82jCJxRYBQlHWxSbp0Rpx6+B3WGyslg1
PcSTh0s1ogA=
=/uKZ
-----END PGP SIGNATURE-----

Stephen Boursy

Jun 29, 1995
In article <80436426...@oce.orst.edu>,
John Stanley <sta...@skyking.oce.orst.edu> wrote:
>In article <3squtg$c...@globe.indirect.com>,
>Jason and Heather <stei...@indirect.com> wrote:
>>
>>amazing how PGP doesn't work if you don't use it.
>
>No, amazing how PGP doesn't work if either one of the parties doesn't
>use it.


For additional security my PGP .sig is in invisible ink. It's
not perfect but it helps.


Steve


Dom De Vitto

Jun 29, 1995
Michael Cramer (cra...@farallon.geosc.psu.edu) wrote:
> John Stanley (sta...@skyking.oce.orst.edu) wrote:
> : >> 2. Someone forges a PGP key for me and sends it to a key
> : >> distribution center. Then they forge an article and sign it with my
> : >> forged key. Your PGP forgery detector says "not a forgery".
> : >
> : >not if the person who wrote it knows anything about public key
> : >crypto it doesn't.

> : article is a forgery. Can you explain why this won't happen, given that
> : the author of PGP himself mentions this as a problem?

> You are forgetting one of the basic -- and crucial -- aspects of using PGP
> effectively. If you don't have PROOF that a key is valid, then the only
> information you can get from a PGP signature is the validity of the signature.
> Just because the signature is valid does not mean the key is valid. There are
> only two ways to tell whether a key is valid: 1) It is signed by someone you
> trust not to sign fake keys. 2) You get it personally from the owner. A key
> can be on every keyserver and signed by three hundred other keys, and you
> still can't prove a thing about its owner unless you trust one or more of the
> signatures.

That is exactly the point, and makes PGP brilliant and crap.

Dom

Michael Cramer

Jun 29, 1995
Dom De Vitto (dev...@london.sinet.slb.com) wrote:
: That is exactly the point, and makes PGP brilliant and crap.

But when used properly, effective crap. While internet based email and posting
is at best untrustworthy and insecure -- when used properly.

--
Mike Cramer

John Stanley

Jun 29, 1995
In article <3ss9vl$6...@wegener.ems.psu.edu>,
Michael Cramer <MikeC...@psu.edu> wrote:
>John Stanley (sta...@skyking.oce.orst.edu) wrote:
>: >> 2. Someone forges a PGP key for me and sends it to a key
>: >> distribution center. Then they forge an article and sign it with my
>: >> forged key. Your PGP forgery detector says "not a forgery".
>: >
>: >not if the person who wrote it knows anything about public key
>: >crypto it doesn't.
>
>: article is a forgery. Can you explain why this won't happen, given that
>: the author of PGP himself mentions this as a problem?
>
>You are forgetting one of the basic -- and crucial -- aspects of using PGP
>effectively.

Come on, people. Figure it out.

No, I am not the one who is forgetting the problem of key
authenticity. If you look at the example, which demonstrates that
problem perfectly, you might note that _I_ was the one who provided
that example. Count the ">"s. I am perfectly aware of the problem of
authenticating keys, and that keys can be created on behalf of other
people, and that this tiny detail is what makes PGP fail at being a
forgery detector.

>If you don't have PROOF that a key is valid, then the only
>information you can get from a PGP signature is the validity of the signature.

Well, that depends on what you mean by "valid". If you mean, as the
person who claimed that using PGP prevented forgeries did, that "valid"
means "from the person who it claims to be from", then you are wrong.

The only meaning of "valid" that makes your claim true is "matches the
public key". "Matches the public key" is not proof that the article
signed by the private key is not a forgery. Since it was claimed that
PGP would prevent forgeries, and this simple example shows that it will
not, I think I made my point.


John Stanley

Jun 29, 1995
In article <t8W8v4uY...@stack.urc.tue.nl>,
Arnoud "Galactus" Engelfriet <gala...@stack.urc.tue.nl> wrote:

Why is it so hard for PGP fans to accept what PGP does not do?

>In article <3sq69f$g...@gaia.ucs.orst.edu>,
>sta...@skyking.OCE.ORST.EDU (John Stanley) wrote:
>> Two examples where PGP doesn't do squat:
>>
>> 1. Someone forges something with my name on it with no PGP signature.
>> You can run your PGP forgery detector over it a million times and you
>> won't detect, or have prevented, the forgery.
>
>Unless of course you state in public that anything _without_ a valid
>signature *is* a forgery.

PGP will have neither prevented nor detected a forgery of the type I
mentioned. In other words, PGP didn't do squat. You might believe the
article is a forgery based on information other than from PGP, but PGP
didn't tell you the article was forged. At best, it will tell you
"unsigned".

And if your "proof" that something is a forgery is someone saying it
is, then you must be buddies with John Palmer.

>> 2. Someone forges a PGP key for me and sends it to a key distribution
>> center. Then they forge an article and sign it with my forged key. Your
>> PGP forgery detector says "not a forgery".
>

>Why should anyone believe a key is mine just because my name is on it?

Uhhhh, because they got it from a recognized keyserver?

But it doesn't matter if they believe the key is yours. PGP will say
that the keys match, and thus, according to PGP, the article is not a
forgery. In other words, PGP didn't do squat to prevent or detect the
forgery. YOU have to understand that the key you got might be bogus, and
YOU have to put your own level of trust in the key. In short, YOU
have to decide to believe PGP or not, even when PGP is saying "not a
forgery".

So, two cases in which PGP doesn't do squat to prevent or detect
forgeries. Just like I said.

Now, you seem to think that my saying that anything without a signature
is a forgery would allow people to detect forgeries in my name. Not
"allow PGP", since PGP can't possibly know what I said. I will assume,
of course, that you wouldn't accept such a statement without it being
signed, for if you did you would be stuck in a paradox. I didn't sign
it, so it must be a forgery because it says unsigned things from me are
forgeries. But, if it is a forgery, then the statement is untrue, and
the article could be real. But if it's real, then it's a forgery...

Ok, let's try this: someone forges a public/private key in my name. They
send the public key off to a keyserver. They post an article that says
"From this point on, anything I post will be signed. Anything not signed
is a forgery."

Not only will PGP tell you that the article is real (the keys match!),
you will now think that real articles are forgeries. You are 180 degrees
out of phase with reality. How convenient.


Michael Cramer

Jun 29, 1995
John Stanley (sta...@skyking.oce.orst.edu) wrote:

: >Why should anyone believe a key is mine just because my name is on it?

: Uhhhh, because they got it from a recognized keyserver?

Because a key is on a keyserver is not proof it belongs to the person it
appears to belong to. Anyone who trusts a key just because it was on a
keyserver should not be using PGP.

: But it doesn't matter if they believe the key is yours. PGP will say
: that the keys match, and thus, according to PGP, the article is not a
: forgery. In other words, PGP didn't do squat to prevent or detect the

No. PGP will say:

Good signature from user "Blah Blah Blah <bl...@blah.blah>".
Signature made 1995/06/29 21:06 GMT

WARNING: Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key
actually belongs to: "Blah Blah Blah <bl...@blah.blah>".


If you believe an uncertified key, that's your own damn fault.

: YOU have to put your own level of trust in the key. In short, YOU

Exactly.

: have to decide to believe PGP or not, even when PGP is saying "not a
: forgery".

PGP does not say anything about forgery. It only knows keys.

: So, two cases in which PGP doesn't do squat to prevent or detect
: forgeries. Just like I said.

PGP can't detect anything if you don't give it enough information to work
with. If someone came up to me on the street and handed me a million Indian
Rupees, I wouldn't be able to tell if they were forgeries or not. I don't have
enough information to make that sort of judgement. Same with PGP. No one
(with any knowledge of how PGP works) claims it is a solution in itself, only
that it is a tool which, when used properly, can be PART of a solution.

: Now, you seem to think that my saying that anything without a signature
: is a forgery would allow people to detect forgeries in my name. Not
: "allow PGP", since PGP can't possibly know what I said. I will assume,
: of course, that you wouldn't accept such a statement without it being
: signed, for if you did you would be stuck in a paradox. I didn't sign
: it, so it must be a forgery because it says unsigned things from me are
: forgeries. But, if it is a forgery, then the statement is untrue, and
: the article could be real. But if it's real, then it's a forgery...

That's why anyone who wants to use PGP effectively makes sure they get their
keys (or at least the key's fingerprint) from the owners directly -- face to
face. You have to step out of the loop at least once before you can trust a
key.

: Ok, let's try this: someone forges a public/private key in my name. They
: send the public key off to a keyserver. They post an article that says
: "From this point on, anything I post will be signed. Anything not signed
: is a forgery."
: Not only will PGP tell you that the article is real (the keys match!),
: you will now think that real articles are forgeries. You are 180 degrees
: out of phase with reality. How convenient.

No, because 1) I don't trust unsigned posts. 2) I don't trust posts which are
signed with keys I don't trust. Therefore, I would ignore the entire scenario
you just mentioned.

--
Mike Cramer

Seth Breidbart

Jun 29, 1995
In article <80445862...@oce.orst.edu>,
John Stanley <sta...@skyking.oce.orst.edu> wrote:

>But it doesn't matter if they believe the key is yours. PGP will say
>that the keys match, and thus, according to PGP, the article is not a
>forgery. In other words, PGP didn't do squat to prevent or detect the
>forgery. YOU have to understand that the key you got might be bogus, and
>YOU have to put your own level of trust in the key. In short, YOU
>have to decide to believe PGP or not, even when PGP is saying "not a
>forgery".

PGP will tell me that the person who signed _this_ message is the
_same_ person who signed all the previous messages with the same name.
I don't know who "John Stanley <sta...@skyking.oce.orst.edu>" is, but
I know that someone who posts under that name has earned some
credibility by posting correct things. As things stand now, there's
no way for me to tell if an article that appears under that name was
posted by the same person who earned that credibility. With PGP, I
could so determine. It might well be that the person posting under
that name is _really_ named Michael Valentine Smith, but so what?

In short, PGP tells me that "The person who signed _this_ article is
the same person who signed _those other_ articles."

Seth
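Almquist's proposal earlier in the thread (each article carries its author's public key in a header, and a cancel is honoured only if signed by that key), combined with the distinction Cramer and Breidbart draw in this subthread (a good signature proves continuity with a key, not who owns it), as an added worked example in Go. This is not code from the thread or from any newsreader of the period: it uses Ed25519 instead of RSA so it runs with the standard library alone, and the header name X-Public-Key, the struct layout and the hashing are assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Article carries its author's public key in a header (name assumed to be
// X-Public-Key) and a signature over the fields a forger would alter.
type Article struct {
	MessageID, From, Body string
	PubKey                ed25519.PublicKey
	Sig                   []byte
}

type Cancel struct {
	Target string // Message-ID the cancel asks to remove
	Sig    []byte
}

// Certification is an introducer's signature over a key it vouches for.
type Certification struct {
	Key, Signer ed25519.PublicKey
	Sig         []byte
}

// Verdict keeps "the signature checks" apart from "the key is trusted".
type Verdict int

const (
	BadSignature     Verdict = iota // altered, or signed by a different key
	GoodSigUntrusted                // intact, but no trusted introducer vouches for the key
	GoodSigTrusted                  // intact, and a trusted introducer certified the key
)

// digest hashes the fields with a domain label and separators so a cancel
// signature can never be replayed as an article signature.
func digest(parts ...string) []byte {
	h := sha256.New()
	for _, p := range parts {
		h.Write(append([]byte(p), 0))
	}
	return h.Sum(nil)
}

func NewArticle(priv ed25519.PrivateKey, id, from, body string) Article {
	pub := priv.Public().(ed25519.PublicKey)
	return Article{id, from, body, pub, ed25519.Sign(priv, digest("article", id, from, body))}
}

func NewCancel(priv ed25519.PrivateKey, target string) Cancel {
	return Cancel{target, ed25519.Sign(priv, digest("cancel", target))}
}

func Certify(introducer ed25519.PrivateKey, key ed25519.PublicKey) Certification {
	sig := ed25519.Sign(introducer, digest("cert", string(key)))
	return Certification{key, introducer.Public().(ed25519.PublicKey), sig}
}

// AssessArticle is the reader-side check. A valid signature from an
// uncertified key gets the verdict PGP's "not certified with a trusted
// signature" warning expresses: the bytes are intact, the owner is unknown.
func AssessArticle(a Article, certs []Certification, trusted []ed25519.PublicKey) Verdict {
	if !ed25519.Verify(a.PubKey, digest("article", a.MessageID, a.From, a.Body), a.Sig) {
		return BadSignature
	}
	for _, c := range certs {
		for _, t := range trusted {
			if c.Key.Equal(a.PubKey) && t.Equal(c.Signer) &&
				ed25519.Verify(t, digest("cert", string(c.Key)), c.Sig) {
				return GoodSigTrusted
			}
		}
	}
	return GoodSigUntrusted
}

// VerifyCancel is the server-side check from the proposal: honour a cancel
// only if it is signed by the key carried in the article it names. No
// keyserver and no opinion about who owns the key is involved, so a key a
// forger registers under the victim's name cannot cancel the victim's posts.
func VerifyCancel(orig Article, c Cancel) bool {
	return c.Target == orig.MessageID &&
		ed25519.Verify(orig.PubKey, digest("cancel", c.Target), c.Sig)
}

func main() {
	_, alice, _ := ed25519.GenerateKey(rand.Reader)
	_, mallory, _ := ed25519.GenerateKey(rand.Reader)
	_, introducer, _ := ed25519.GenerateKey(rand.Reader)
	trusted := []ed25519.PublicKey{introducer.Public().(ed25519.PublicKey)}
	genuine := NewArticle(alice, "<1@example.invalid>", "alice@example.invalid", "genuine")
	certs := []Certification{Certify(introducer, genuine.PubKey)}
	// Mallory generates a key, labels it with Alice's address and posts with it.
	forged := NewArticle(mallory, "<2@example.invalid>", "alice@example.invalid", "forged")
	fmt.Println("genuine:", AssessArticle(genuine, certs, trusted), "forged:", AssessArticle(forged, certs, trusted))
	fmt.Println("author cancels own article:", VerifyCancel(genuine, NewCancel(alice, genuine.MessageID)))
	fmt.Println("forger cancels author's article:", VerifyCancel(genuine, NewCancel(mallory, genuine.MessageID)))
}
```

The forged article comes back GoodSigUntrusted rather than BadSignature: exactly Stanley's point that the signature check alone cannot tell a forged key from a real one, and exactly Cramer's point that the verdict depends on whose certifications the verifier trusts. The cancel check needs neither, which is why it addresses Allbery's key-management objection for that one control message: the server compares against the key in the article it already holds and never has to decide whether that key "belongs" to anyone.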

Russ Allbery

Jun 29, 1995
[ Newsgroups line annihilated in massive explosion. Police are attempting
to locate the antimatter group. Film at 11. ]

In news.admin.misc, Michael Cramer <MikeC...@psu.edu> writes:
>
>You are forgetting one of the basic -- and crucial -- aspects of using PGP
>effectively. If you don't have PROOF that a key is valid, then the only
>information you can get from a PGP signature is the validity of the signature.
>Just because the signature is valid does not mean the key is valid. There are
>only two ways to tell whether a key is valid: 1) It is signed by someone you
>trust not to sign fake keys. 2) You get it personally from the owner. A key
>can be on every keyserver and signed by three hundred other keys, and you
>still can't prove a thing about its owner unless you trust one or more of the
>signatures.

Exactly. Now since the news servers don't know any poster from Adam, and
therefore cannot verify their keys, how does adding PGP to news servers help
at all?

Arnoud Galactus Engelfriet

Jun 30, 1995
-----BEGIN PGP SIGNED MESSAGE-----

In article <80445862...@oce.orst.edu>,
sta...@skyking.oce.orst.edu (John Stanley) wrote:
> In article <t8W8v4uY...@stack.urc.tue.nl>,
> Arnoud "Galactus" Engelfriet <gala...@stack.urc.tue.nl> wrote:
>
> Why is it so hard for PGP fans to accept what PGP does not do?

I'm just pointing out some inaccuracies I saw about PGP.

> >Unless of course you state in public that anything _without_ a valid
> >signature *is* a forgery.
>
> PGP will have neither prevented nor detected a forgery of the type I
> mentioned. In other words, PGP didn't do squat. You might believe the
> article is a forgery based on information other than from PGP, but PGP
> didn't tell you the article was forged. At best, it will tell you
> "unsigned".

Yes, but PGP can tell you that the signature is invalid, or that there
is no signature on the message. Using that information, you can decide
that it's a forgery.

> And if your "proof" that something is a forgery is someone saying it
> is, then you must be buddies with John Palmer.

No, I mean that if you see an article claiming to be from _me_ without
a valid signature from _my_ secret key, then that article is a forgery.

> >Why should anyone believe a key is mine just because my name is on it?
>
> Uhhhh, because they got it from a recognized keyserver?

A keyserver does not guarantee the key is from the person whose name is
on it.

> But it doesn't matter if they believe the key is yours. PGP will say
> that the keys match, and thus, according to PGP, the article is not a
> forgery. In other words, PGP didn't do squat to prevent or detect the
> forgery. YOU have to understand that the key you got might be bogus, and
> YOU have to put your own level of trust in the key. In short, YOU
> have to decide to believe PGP or not, even when PGP is saying "not a
> forgery".

The problem lies with _key distribution_ not with PGP per se. If you
could only obtain PGP keys by visiting the owner of the key in person,
then PGP would work perfectly.

> Now, you seem to think that my saying that anything without a signature
> is a forgery would allow people to detect forgeries in my name. Not
> "allow PGP", since PGP can't possibly know what I said. I will assume,
> of course, that you wouldn't accept such a statement without it being
> signed, for if you did you would be stuck in a paradox. I didn't sign
> it, so it must be a forgery because it says unsigned things from me are
> forgeries. But, if it is a forgery, then the statement is untrue, and
> the article could be real. But if it's real, then it's a forgery...

That's where my headaches usually begin. :-)
I always sign articles I post, so you would at least raise an eyebrow
if you saw an article with "From: gala...@stack.urc.tue.nl" without
the -----BEGIN PGP SIGNED MESSAGE----- at the top of the body. In theory,
you should assume that this hypothetical article is a forgery, because
I didn't sign it.

> Ok, let's try this: someone forges a public/private key in my name. They
> send the public key off to a keyserver. They post an article that says
> "From this point on, anything I post will be signed. Anything not signed
> is a forgery."
>
> Not only will PGP tell you that the article is real (the keys match!),
> you will now think that real articles are forgeries. You are 180 degrees
> out of phase with reality. How convenient.

Interesting problem. Of course, I'll now say that you shouldn't trust
signatures when you don't have a validated key, so your example doesn't
work. In this case, I doubt that you have a validated key from me, so
the signature below this message doesn't tell you anything about this
message.

Galactus
I'd appreciate a Cc to followups, since I won't be reading news during
the next week.


- --
****** To find out more about PGP, send mail with subject HELP PGP to me ******
E-mail: gala...@stack.urc.tue.nl - PGP encrypted please - Mail for info < >
Keyprint: DD FC 6F 05 C5 1C 86 B2 E7 3B 6A BD 06 CF E8 4E - ID 416A1A35 > <
"I'm the best there is at what I do. Though what I do isn't very nice!" ||


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAgUBL/P/KjyeOyxBaho1AQFKBAQAlsPQwzwAbDiV03G0ZmHKqtgezSLhEh/F
izP9i8v43k2iZpUXcvBXw9xO0Vew2UUrBjzmQ9mBFNUb+1O9Oj9ebhPY46nRtUaW
5IA+hFBGp6+MqLb0J5Qo9Qgb0viYYS0fBgNTDdJ1SiRzPlArl7nhhMFC+SpiEOeN
zE3E/aDvieU=
=VVXC
-----END PGP SIGNATURE-----

John Stanley

Jun 30, 1995
In article <3sv634$c...@wegener.ems.psu.edu>,
Michael Cramer <MikeC...@psu.edu> wrote:
>John Stanley (sta...@skyking.oce.orst.edu) wrote:
>
>: >Why should anyone believe a key is mine just because my name is on it?
>
>: Uhhhh, because they got it from a recognized keyserver?
>
>Because a key is on a keyserver is not proof

You didn't ask why it would prove it was yours, you asked why they
would believe it was yours. People believe a lot of things when they
are told them by something that looks like an official source. People
keep talking about USENET as if it were just a part of the Internet,
because their ISP hyped it that way in their advertising. People keep
calling USENET newsgroups "bulletin boards". Many of them are going to
look at a key they get from a keyserver with an expectation that it is
valid, just like they accept the From: address in email because the
computer is telling it to them.

>appears to belong to. Anyone who trusts a key just because it was on a
>keyserver should not be using PGP.

There will be a lot of people that you don't want using PGP, then,
because they will use it. How do you intend on stopping them?

>: So, two cases in which PGP doesn't do squat to prevent or detect
>: forgeries. Just like I said.
>
>PGP can't detect anything if you don't give it enough information to work
>with.

Hey! Really?

>That's why anyone who wants to use PGP effectively makes sure they get their
>keys (or at least the key's fingerprint) from the owners directly -- face to
>face. You have to step out of the loop at least once before you can trust a
>key.

Oh, I can see it now. I start signing my articles, and thousands of
people start wandering into the lab here trying to get my public key.
No thanks.

>No, because 1) I don't trust unsigned posts.

Well now, I just went through a long explanation why I didn't think you
would trust unsigned posts, didn't I? That's why I said that the posting
with the "I always sign" statement was signed.

>2) I don't trust posts which are
>signed with keys I don't trust. Therefore, I would ignore the entire scenario
>you just mentioned.

And many people would not.


John Stanley

Jun 30, 1995
In article <3svkie$q...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>PGP will tell me that the person who signed _this_ message is the
>_same_ person who signed all the previous messages with the same name.

No, PGP will not tell you that. PGP will tell you that the article you
are looking at was signed with a private key that matches the public
key you have on hand for someone.

Since I have not signed any previous articles, you cannot know that
any article that shows up with a signature that passes the PGP test was
posted by the same person who posted the previous ones.

And, at the (not too distant) extreme of paranoia, you can't know that
two messages signed by the same private key are from the same person.
All you know is that they are signed by the same private key.

>In short, PGP tells me that "The person who signed _this_ article is
>the same person who signed _those other_ articles."

In short, not true. And, in short, not relevant to the concept of
"forgery", which is the specific argument that I am here for.


Jason and Heather

Jul 1, 1995
John Stanley <sta...@skyking.oce.orst.edu> wrote:
> Jason and Heather <stei...@indirect.com> wrote:
> > John Stanley (sta...@skyking.OCE.ORST.EDU) wrote:
> > > Two examples where PGP doesn't do squat:
> >
> > amazing how PGP doesn't work if you don't use it.
>
> No, amazing how PGP doesn't work if either one of the parties doesn't
> use it.

no shit, sherlock.

> > > 2. Someone forges a PGP key for me and sends it to a key
> > > distribution center. Then they forge an article and sign it with my
> > > forged key. Your PGP forgery detector says "not a forgery".
> >
> > not if the person who wrote it knows anything about public key
> > crypto it doesn't.
>
> Well, let's assume that the person who wrote PGP knows "anything" about
> public key crypto. That means that you think that running PGP on a
> forged, signed article, using the forged public key that matches the
> forged private key the article was signed with, will report that the
> article is a forgery. Can you explain why this won't happen, given that
> the author of PGP himself mentions this as a problem?

because PGP doesn't ever _say_ that "this is a forgery".

the _most_ it can say is that a particular document was indeed signed
with the private counterpart of a public key that you hold. so what
does that mean? maybe nothing. a person who writes a forgery detector
will know this, and will not make broad, sweeping statements based
upon the fact that a signature matches.

the author of PGP knew this, and that's why he went to all the trouble
to write in the "web of trust" stuff. if the fact that a document had
a valid signature on it was all you needed, we wouldn't need to bother
with all that.

yes, _anyone_ can create a key with a particular name on it. but until
that key is verified, it doesn't mean squat, and any decent forgery
detector program will say as much.

"Post signed by unverified key <pres...@whitehouse.com>. Possible forgery."
"Post unsigned. Possible forgery."

the verdict is the same.

jason

--
There is nothing nobler or more admirable than when two people who see
eye to eye keep house as man and wife, confounding their enemies and
delighting their friends, as they themselves know better than anyone.
HOMER, The Odyssey

Tom Swiss

Jul 3, 1995
stei...@bud.indirect.com (Jason and Heather) writes:
>
>yes, _anyone_ can create a key with a particular name on it. but until
>that key is verified, it doesn't mean squat, and any decent forgery
>detector program will say as much.
>
>"Post signed by unverified key <pres...@whitehouse.com>. Possible forgery."
>"Post unsigned. Possible forgery."
>
>the verdict is the same.

"Post signed by verified key <pres...@whitehouse.com>, but verifying
authority could have been spoofed. Possible forgery."

"Post signed by verified key <pres...@whitehouse.com>, but private
key could have been extracted from owner by use of mind-control drugs. Or
TEMPEST emissions. Or shoulder surfing. Or extra-terrestrial telepathy
machines, if you believe in that sort of thing. Possible forgery."

"Post signed by verified key <pres...@whitehouse.com>, but this
forgery detection program could just flat-out be lying to you. Possible
forgery."

"Post signed by verified key <pres...@whitehouse.com>, but your
recollection of reading this message could be a _Total Recall_ style
implanted memory. Possible forgery."

Epistemological issues aside, with enough resources any communication
can be faked. (Except maybe a face-to-face meeting with someone you know
extremely well; even then, there's a possibility that they've been
subverted by The Enemy. Heck, when I talk to myself, I'm not always sure
it's really me...) But we can say it more or less likely that a certain
communication was faked, based on the costs of doing so.

== Tom Swiss/t...@tis.com ==== "Born to die." === _I_ shot Montgomery Burns. ==
"What's so funny 'bout peace, love and understanding?" - Nick Lowe
"If at first you don't succeed, try, try, and try again. Then give
up. There's no use being a damned fool about it." -- W.C. Fields

Peter da Silva

Jul 5, 1995
In article <3su3qp$t5v@snlsu1>,
Dom De Vitto <dev...@london.sinet.slb.com> wrote:
> That is exactly the point, and makes PGP brilliant and crap.

This is an inherent problem of *any* authentication system. You have to have
an authority that can verify that the identification provided by the system
is valid. This is true whether you're talking about PGP certificates or birth
certificates.

If this suffices to make PGP crap, why then so also does it make every scheme
that provides a mechanism for identifying people crap. For the flaws of the
one are shared by all.
--
Peter da Silva (NIC: PJD2) `-_-'
Network Management Technology Incorporated 'U`
1601 Industrial Blvd. Sugar Land, TX 77478 USA
+1 713 274 5180 "Har du kramat din varg idag?"

Peter da Silva

Jul 5, 1995
In article <3sv23r$l...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> Well, that depends on what you mean by "valid". If you mean, as the
> person who claimed that using PGP prevented forgeries did, that "valid"
> means "from the person who it claims to be from", then you are wrong.

I would use "valid" as meaning "posted by someone who had the same private
keys as the person who posted these other PGP-signed articles".

If there aren't any, then that itself casts the PGP-signed one into doubt.
If there are, it should be possible to determine whether the alleged victim
posted the other signed articles or not.

John Stanley

Jul 5, 1995
In article <id.YBC...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>In article <3sv23r$l...@gaia.ucs.orst.edu>,
>John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>> Well, that depends on what you mean by "valid". If you mean, as the
>> person who claimed that using PGP prevented forgeries did, that "valid"
>> means "from the person who it claims to be from", then you are wrong.
>
>I would use "valid" as meaning "posted by someone who had the same private
>keys as the person who posted these other PGP-signed articles".

Unfortunately, "not a forgery" doesn't mean "this was posted by the same
person something else was", it means "this thing was posted by the person
it claims to have been posted by."

I.e., the existence of other articles signed with the same key is irrelevant.


Seth Breidbart

Jul 5, 1995
In article <3t1gv0$g...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>In article <3svkie$q...@panix3.panix.com>,
>Seth Breidbart <se...@panix.com> wrote:
>>PGP will tell me that the person who signed _this_ message is the
>>_same_ person who signed all the previous messages with the same name.
>No, PGP will not tell you that. PGP will tell you that the article you
>are looking at was signed with a private key that matches the public
>key you have on hand for someone.

Precisely. I'm assuming that the person in question manages his
private key responsibly.

>Since I have not signed any previous articles, you cannot know that
>any article that shows up with a signature passes the PGP test was
>posted by the same person who posted the previous ones.

That's true, now. However, the second time you sign an article, I
learn something. After you've built up credibility (a subjective
thing) based on signed articles, your signature on an article will get
that article's credibility based on your history more so than it does
now (when a forgery might not be detected).

>And, at the (not too distant) extreme of paranoia, you can't know that
>two messages signed by the same private key are from the same person.
>All you know is that they are signed by the same private key.

Which is a lot more than you know now.

>>In short, PGP tells me that "The person who signed _this_ article is
>>the same person who signed _those other_ articles."
>
>In short, not true.

Unless I make the assumption that the person has kept his private key
private.

> And, in short, not relevant to the concept of
>"forgery", which is the specific argument that I am here for.

If I start using PGP, you won't be able to forge an article (or a
control message) to make it appear to have come from me. How is that
not relevant to the concept of "forgery"?

Seth

John Stanley

Jul 6, 1995
In article <3teti2$7...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>Precisely. I'm assuming that the person in question manages his
>private key responsibly.

"Private key matches public key you have on hand" is not an issue of
"manages private key responsibly." I have already presented an example
of why this is not so.

>That's true, now. However, the second time you sign an article, I
>learn something.

What do you learn? "I now have two articles signed with the same private
key". You haven't learned that I signed those two articles.

>that article's credibility based on your history more so than it does
>now (when a forgery might not be detected).

A forgery might not be detected now. That is the point.

Here is a clue: PGP will tell you nothing about an article from me
being forged, EXCEPT that, right now, today, if you come across an
article that is signed with PGP it IS a forgery. Of course, it is
possible that PGP will tell you it is not a forgery, depending on how
thorough the perp is in distributing a forged public key. In that case,
PGP will lie to you. Without a public key, PGP can tell you nothing
more than that the article was not changed from when it was signed,
which isn't even close to proving it wasn't forged in the first place.

The point is, PGP didn't tell you it was a forgery, I did.
Now, how is this supposed to translate into PGP being a "forgery
detector?"

And, of course, this says nothing about tomorrow when I might decide
to start signing things.

>>All you know is that they are signed by the same private key.
>
>Which is a lot more than you know now.

Which tells you nothing about the articles being forged or not.

>> And, in short, not relevant to the concept of
>>"forgery", which is the specific argument that I am here for.
>
>If I start using PGP, you won't be able to forge an article (or a
>control message) to make it appear to have come from me. How is that
>not relevant to the concept of "forgery"?

First of all, that is a much more limited claim than the "forgery
detection" capability of PGP in general.

Second, I will be perfectly capable of forging something that looks
like it comes from you, as long as the recipient either doesn't have
your public key or does not have PGP. (PGP still has the "no commercial
use" limitation, as far as I know, which makes it off-limits to many
people.) Or, if the recipient is simply too lazy to bother using PGP
to check it.

And, of course, it assumes that nobody breaks into your system and snags
your private key. Or puts a bogus public key on the keyserver. Keyservers
are, as I recall, computer systems which can be broken into just like
any other.


Peter da Silva

Jul 6, 1995
In article <3t1eb5$6...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> There will be a lot of people that you don't want using PGP, then,
> because they will use it. How do you intend on stopping them?

Why do you want to?

There are millions of people out there who think a credit card is a form of
identification, too. That's their problem.

John Stanley

Jul 6, 1995
In article <id.8CD...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>In article <3t1eb5$6...@gaia.ucs.orst.edu>,
>John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>> There will be a lot of people that you don't want using PGP, then,
>> because they will use it. How do you intend on stopping them?
>
>Why do you want to?

I don't. I was replying to someone who made the statement that people
who don't understand PGP shouldn't be using it.


Seth Breidbart

Jul 6, 1995
In article <3telt8$e...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>In article <id.YBC...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>>In article <3sv23r$l...@gaia.ucs.orst.edu>,
>>John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>>> Well, that depends on what you mean by "valid". If you mean, as the
>>> person who claimed that using PGP prevented forgeries did, that "valid"
>>> means "from the person who it claims to be from", then you are wrong.
>>
>>I would use "valid" as meaning "posted by someone who had the same private
>>keys as the person who posted these other PGP-signed articles".
>
>Unfortunately, "not a forgery" doesn't mean "this was posted by the same
>person something else was", it means "this thing was posted by the person
>it claims to have been posted by."

However, since the name "John Stanley" means absolutely nothing to me
except in the context of Usenet, the fact that _this_ article was
posted by the same person as _those other articles_ is the only
relevant one. Another way of looking at it is that the only meaning
of the identity "John Stanley" (to me) is "the person who posted those
articles". Thus, PGP-signing prevents forgery.

>I.e., the existence of other articles signed with the same key is irrelevant.

Not to me.

Seth

Rob J. Nauta

Jul 7, 1995
sta...@skyking.OCE.ORST.EDU (John Stanley) writes:

>I don't. I was replying to someone who made the statement that people
>who don't understand PGP shouldn't be using it.

You mean like how people who don't understand in detail how a combustion
engine works should not be allowed to drive ?

Rob
--
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
Rob J. Nauta r...@redwood.nl
NOTE: my opinions are strictly my own and not those of my employer

John Stanley

Jul 7, 1995
In article <3thtgj$e...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>However, since the name "John Stanley" means absolutely nothing to me
>except in the context of Usenet, the fact that _this_ article was
>posted by the same person as _those other articles_ is the only
>relevant one.

It is the only relevant issue to you.

When you use the English word "forgery", however, you are talking about
something different than "all from the same person". Calling PGP a
"forgery detector" means that you are concerned with the actual identity
of the author, not just that it is the same person all the time.

Let me give you an example. Suppose I start posting under the name
"Bill Clinton" from whitehouse.gov. Suppose I generate a PGP key
pair for that address and send it to a keyserver. I sign everything
I post using that name with the key I have created. (Just for yucks,
I might convince some net.names to authenticate my key, just for the
fun of seeing how many people believe it.)

I post a lot of things you like. Then I post something that says that
Seth Breidbart is getting a big check from the IRS because "I" like
him.

Are you really going to say that that article is not a forgery just
because "Bill Clinton" posted, using a PGP key, things that you liked in
the past, and this has the same key signature? Are you going to call
the IRS when the check doesn't show up, telling them that you have an
authentic article from the President of the USA telling you that you are
supposed to get one?

>>I.e., the existence of other articles signed with the same key is irrelevant.
>
>Not to me.

But to the discussion of "forgery", it is.


Michael Cramer

Jul 7, 1995
Rob J. Nauta (r...@redwood.nl) wrote:

: You mean like how people who don't understand in detail how a combustion
: engine works should not be allowed to drive ?

No...more like people who don't know what dynamite does shouldn't be allowed
to use it.

--
Mike Cramer

Seth Breidbart

Jul 7, 1995
Newsgroups: de-Boursified

In article <3tf9s5$9...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>In article <3teti2$7...@panix3.panix.com>,
>Seth Breidbart <se...@panix.com> wrote:

>>That's true, now. However, the second time you sign an article, I
>>learn something.
>What do you learn? "I now have two articles signed with the same private
>key". You haven't learned that I signed those two articles.

Since my definition of "you" is "the guy who posted that first
article", I have indeed learned that _you_ posted the second one. I
haven't learned anything about whether the poster was given the name
"John Stanley" by his parents, or is known under that name to the
Social Security Administration, but neither do I care.

>>that article's credibility based on your history more so than it does
>>now (when a forgery might not be detected).
>
>A forgery might not be detected now. That is the point.
>
>Here is a clue: PGP will tell you nothing about an article from me
>being forged, EXCEPT that, right now, today, if you come across an
>article that is signed with PGP it IS a forgery. Of course, it is
>possible that PGP will tell you it is not a forgery, depending on how
>thorough the perp is in distributing a forged public key. In that case,
>PGP will lie to you. Without a public key, PGP can tell you nothing
>more than that the article was not changed from when it was signed,
>which isn't even close to proving it wasn't forged in the first place.
>
>The point is, PGP didn't tell you it was a forgery, I did.
>Now, how is this supposed to translate into PGP being a "forgery
>detector?"

It doesn't detect forgeries when it isn't used. Likewise, a Medeco
cylinder sitting in a drawer in my kitchen doesn't help protect my
apartment from being robbed.

>And, of course, this says nothing about tomorrow when I might decide
>to start signing things.

After which point, nobody else will be able to get away with a claim
that an article was posted by you if it wasn't.

>>>All you know is that they are signed by the same private key.
>>Which is a lot more than you know now.
>Which tells you nothing about the articles being forged or not.

Under the assumption that the private key was managed responsibly, it
does.

>>If I start using PGP, you won't be able to forge an article (or a
>>control message) to make it appear to have come from me. How is that
>>not relevant to the concept of "forgery"?
>First of all, that is a much more limited claim than the "forgery
>detection" capability of PGP in general.

Nobody claims that PGP can detect all forgeries (or, at least, anybody
who does is very foolish).

>Second, I will be perfectly capable of forging something that looks
>like it comes from you, as long as the recipient either doesn't have
>your public key or does not have PGP. (PGP still has the "no commercial
>use" limitation, as far as I know, which makes it off-limits to many
>people.) Or, if the recipient is simply too lazy to bother using PGP
>to check it.

That's true. If someone doesn't use PGP then PGP doesn't protect him
from being fooled (at least, not very well: if you posted the forged
article, somebody else might notice that it didn't check and post that
it was a forgery).

>And, of course, it assumes that nobody breaks into your system and snags
>your private key.

That might be a little tough, since I'd keep it on a system that's not
connected to the net.

> Or puts a bogus public key on the keyserver. Keyservers
>are, as I recall, computer systems which can be broken into just like
>any other.

True. That's why I think people should keep their own lists of keys.

Seth

Seth Breidbart

Jul 8, 1995
In article <3ti32b$5...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:

>When you use the English word "forgery", however, you are talking about
>something different than "all from the same person". Calling PGP a
>"forgery detector" means that you are concerned with the actual identity
>of the author, not just that it is the same person all the time.
>
>Let me give you an example. Suppose I start posting under the name
>"Bill Clinton" from whitehouse.gov. Suppose I generate a PGP key
>pair for that address and send it to a keyserver. I sign everything
>I post using that name with the key I have created.

Now, I have the IRS's public key (because they put it on my tax refund
check and that check cleared, so either it's the real key or somebody
just paid me a _lot_ of money to believe it is. It's the same key on
a bunch of other people's checks, too, all of which are for the
correct amount, so whoever wants to fake that is spending a lot of
money and has access to confidential IRS information.) The IRS uses
that key to sign the keys of other government agencies, including the
White House. The key you post has not been signed by any of those
agencies.

> (Just for yucks,
>I might convince some net.names to authenticate my key, just for the
>fun of seeing how many people believe it.)

Those net.names have just lost all credibility with me, and with
anybody else who sees those signatures. That's their problem, though.

>I post a lot of things you like. Then I post something that says that
>Seth Breidbart is getting a big check from the IRS because "I" like
>him.

Seems strange that the "IRS" posting isn't signed with the IRS's key,
doesn't it?

>Are you really going to say that that article is not a forgery just
>because "Bill Clinton" posted, using a PGP key, things that you liked in
>the past, and this has the same key signature?

Nope. I'm going to think it's a forgery because I can't trace a chain
of trust leading to it.

However, in the Usenet case, can you suggest any method other than
digital signatures (not necessarily PGP) for somebody to prove that a
particular article came from Cancelmoose[tm]?

Seth
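A worked model of the distinction this thread keeps circling: Galactus's point that key distribution, not the signature check, is the weak link; Jason's two "Possible forgery" verdicts; and Seth's chain of trust from a key obtained out of band. This is an added example, not code from the thread or from PGP itself. The signature math is textbook RSA on seven-digit primes, a deliberately toy stand-in for real PGP keys; every name, address and key in it is constructed, and the trust logic around the signature check is the point.

```python
"""Added example, not from the thread or from PGP: what a signature check can and cannot tell a
reader.  Signatures are textbook RSA on seven-digit primes, a toy stand-in for real PGP keys;
the trust logic around them is the point.  Every name, address and key below is constructed."""
import hashlib
from dataclasses import dataclass, field
from typing import Optional

E = 65537  # public exponent shared by every toy key

def _next_prime(n: int) -> int:
    """Smallest prime >= n by trial division (fast enough for seven-digit numbers)."""
    while any(n % i == 0 for i in range(2, int(n ** 0.5) + 1)):
        n += 1
    return n

@dataclass
class PublicKey:
    user_id: str                                  # the name anyone can put on a key
    n: int
    certifiers: set = field(default_factory=set)  # fingerprints of keys that signed this key

    @property
    def fingerprint(self) -> str:
        return hashlib.sha256(f"{self.n}:{E}".encode()).hexdigest()[:16]

@dataclass
class KeyPair:
    public: PublicKey
    d: int                                        # private exponent; never leaves its owner

def generate_keypair(user_id: str, seed: int) -> KeyPair:
    """Toy RSA key generation from two adjacent primes above `seed` (small and insecure on purpose)."""
    while True:
        p = _next_prime(seed)
        q = _next_prime(p + 1)
        try:
            return KeyPair(PublicKey(user_id, p * q), pow(E, -1, (p - 1) * (q - 1)))
        except ValueError:                        # E not invertible mod phi: move to the next primes
            seed = q + 1

def _digest(body: str, n: int) -> int:
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % n

def sign(body: str, key: KeyPair) -> int:
    return pow(_digest(body, key.public.n), key.d, key.public.n)

def signature_ok(body: str, sig: int, pub: PublicKey) -> bool:
    """All a signature proves: this exact body was signed with the private half of *this* key."""
    return pow(sig, E, pub.n) == _digest(body, pub.n)

def key_is_valid(pub: PublicKey, validated: set) -> bool:
    """Key validity is the reader's call: obtained in person, or certified by a key that was."""
    return pub.fingerprint in validated or bool(pub.certifiers & validated)

def verdict(article: dict, keyring: dict, validated: set, always_signs: set) -> str:
    """The checks a reader must stack on top of the signature test before saying 'forgery'."""
    sender, sig = article["from"], article["sig"]
    if sig is None:                               # reader policy, not PGP: a known signer, unsigned
        return "possible forgery: unsigned" if sender in always_signs else "unsigned: nothing to check"
    pub = keyring.get(article["key_id"])
    if pub is None:
        return "cannot check: no public key on hand"
    if not signature_ok(article["body"], sig, pub):
        return "bad signature: altered or forged"
    if pub.user_id != sender or not key_is_valid(pub, validated):
        return "possible forgery: good signature from unverified key"
    return "good signature from validated key"

def post(body: str, key: Optional[KeyPair], sender: str) -> dict:
    """An article; a signed one names its key, as a PGP signature packet carries the key id."""
    sig = None if key is None else sign(body, key)
    return {"from": sender, "body": body, "sig": sig, "key_id": key and key.public.fingerprint}

def run_scenarios() -> dict:
    """The thread's scenarios, with constructed identities."""
    alice = generate_keypair("alice@example.net", 1_000_000)             # key obtained in person
    treasury = generate_keypair("keys@treasury.example.gov", 2_000_000)  # key printed on a cleared cheque
    agency = generate_keypair("press@agency.example.gov", 3_000_000)
    agency.public.certifiers.add(treasury.public.fingerprint)            # treasury certified the agency key
    forger = generate_keypair("press@agency.example.gov", 4_000_000)     # same name, certified by nobody
    keyring = {k.public.fingerprint: k.public for k in (alice, treasury, agency, forger)}
    trust = (keyring, {alice.public.fingerprint, treasury.public.fingerprint}, {"alice@example.net"})
    tampered = post("Cancel everything.", alice, "alice@example.net")
    tampered["body"] = "Cancel nothing."                                 # changed after signing
    return {
        "validated_signer": verdict(post("hi", alice, "alice@example.net"), *trust),
        "forged_key_same_name": verdict(post("a big cheque is coming", forger, "press@agency.example.gov"), *trust),
        "certified_by_validated_key": verdict(post("budget", agency, "press@agency.example.gov"), *trust),
        "unsigned_from_known_signer": verdict(post("hi", None, "alice@example.net"), *trust),
        "altered_body": verdict(tampered, *trust),
        "stranger_unsigned": verdict(post("hi", None, "bob@example.org"), *trust),
    }
```

Calling run_scenarios() gives one verdict per case. The forger's key passes signature_ok exactly as Stanley says it will, and the only thing that stops it being reported as genuine is key_is_valid, which depends on what the reader validated out of band; the "unsigned from a known signer" verdict is a reader policy the program enforces, not something the signature check knows. Real PGP's web of trust adds trust levels and multi-hop certification paths, which this one-hop model leaves out.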

John Stanley

Jul 8, 1995
In article <3tki5s$c...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>Since my definition of "you" is "the guy who posted that first
>article",

Well, it's now clear that you are using an obtuse definition of
forgery and have no desire to use what anyone else uses. Since
you are using your own definition of forgery, there is no sense in
continuing any discussion with you about the use of PGP to detect
forgeries.


Seth Breidbart

Jul 8, 1995
In article <3tkngj$o...@gaia.ucs.orst.edu>,

If it turned out that my real name (the one I was born under, and the
one on my passport) is actually Ian S. Breidbart, and I prefer to use
my middle name on Usenet, would that mean that all my articles are
forgeries?

If somebody else whose real name is John Stanley were to post an
article claiming to be you, would you consider that a forgery?

My definition of forgery is the standard one; however, we seem to
disagree on what a person's _identity_ is.

Seth

Russ Allbery

Jul 9, 1995
Note followups.

[ Discussing PGP. ]

In news.admin.misc, Michael Cramer <MikeC...@psu.edu> writes:
>
>No...more like people who don't know what dynamite does shouldn't be allowed
>to use it.

Last time I checked, software doesn't explode. Or kill people.

John Stanley

Jul 9, 1995
In article <3t4269$f...@globe.indirect.com>,
Jason and Heather <stei...@bud.indirect.com> wrote:
>> No, amazing how PGP doesn't work if either one of the parties doesn't
>> use it.
>
>no shit, sherlock.

Well, it must be news to some people, because it needed to be said.

>the _most_ it can say is that a particular document was indeed signed
>with the private counterpart of a public key that you hold. so what
>does that mean?

No shit, Sherlock.

I hope you are as vociferous the next time someone makes silly claims
for PGP as you are with those who are pointing out the silly claims.

John Stanley

Jul 9, 1995
In article <3tmvcl$h...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:

>>I post a lot of things you like. Then I post something that says that
>>Seth Breidbart is getting a big check from the IRS because "I" like
>>him.
>
>Seems strange that the "IRS" posting isn't signed with the IRS's key,
>doesn't it?

I said I was posting as Bill Clinton, not the IRS. What IRS posting are
you yapping about?

>>Are you really going to say that that article is not a forgery just
>>because "Bill Clinton" posted, using a PGP key, things that you liked in
>>the past, and this has the same key signature?
>
>Nope. I'm going to think it's a forgery because I can't trace a chain
>of trust leading to it.

You just told me that your interpretation of "forged" dealt with
knowing that the same person posted THIS that posted the previous
things with the same name. What "chain of trust" is missing in this
situation? You have tens or hundreds of things I posted as Bill
Clinton, all signed. Now you have one thing that is signed with the
same key, and suddenly you are going to think it is a forgery, even
though it matches all the other things you have on hand.

Seems you have switched horses in mid-stream, and that 'real identity'
suddenly IS important to the concept of forgery.

John Stanley

Jul 9, 1995
In article <3tmvi8$i...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>>Well, it's now clear that you are using an obtuse definition of
>>forgery and have no desire to use what anyone else uses. Since
>
>If it turned out that my real name (the one I was born under, and the
>one on my passport) is actually Ian S. Breidbart, and I prefer to use
>my middle name on Usenet, would that mean that all my articles are
>forgeries?

Of course not. That is a silly question. You wrote them and you are
claiming to have written them. Where can there be forgery in that?
Just what silly definition of forgery do you have that would lead you
to even ask that question?

>If somebody else whose real name is John Stanley were to post an
>article claiming to be you, would you consider that a forgery?

Yes. Absolutely. Anyone who writes something and then tries to claim I
did is guilty of forgery. It doesn't matter if his name is the same as
mine or not.

As I recall, someone with the same name as mine used to draw Little LuLu
comics. Were I to start drawing Little LuLu comics and claim that I am
him, that is forgery, even if it really is my name on each one.

BUT, it takes more than using the name "John Stanley" to be making a
claim that I wrote something. There are lots of "us". That is why my
email address is more than just "John Stanley". Anyone who uses my
email address in a posting IS making a claim that he is me, for there
is but one sta...@skying.oce.orst.edu.

What you can't seem to grasp is that the concept of "me" and "you" is
more than just "what name are you using". If I use the name Bill
Clinton, I am still the one who wrote the article even if it isn't the
same name as what my birth certificate says. And it isn't forgery to do
so, UNLESS I try to make it seem that it is some other Bill Clinton who
wrote it instead of me. Since I don't have an address at the whitehouse,
then sending something with the address cli...@whitehouse.gov is
forgery. That would be true even if my real, God given name was Bill
Clinton.

But this is all rather moot. Your concept of forgery deals with "same
as last time" and mine includes at its core "who it is really from",
and those two aren't going to meet anytime soon.


firebug

Jul 9, 1995
In article <3tn9c7$g...@nntp.Stanford.EDU>,
Russ Allbery <r...@Radon.Stanford.EDU> wrote:
>In news.admin.misc, Michael Cramer <MikeC...@psu.edu> writes:
>>
>>No...more like people who don't know what dynamite does shouldn't be allowed
>>to use it.
>
>Last time I checked, software doesn't explode. Or kill people.

But cars do.

Peter da Silva

Jul 10, 1995
In article <3telt8$e...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> In article <id.YBC...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
> >In article <3sv23r$l...@gaia.ucs.orst.edu>,
> >John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> >> Well, that depends on what you mean by "valid". If you mean, as the
> >> person who claimed that using PGP prevented forgeries did, that "valid"
> >> means "from the person who it claims to be from", then you are wrong.

> >I would use "valid" as meaning "posted by someone who had the same private
> >keys as the person who posted these other PGP-signed articles".

> Unfortunately, "not a forgery" doesn't mean "this was posted by the same
> person something else was", it means "this thing was posted by the person
> it claims to have been posted by."

But what does "the person" mean in this environment?

I don't know John Stanley from Adam's Off Ox, but I do know "the person who
posted these articles".

See my previous message on the subject of what identity means on Usenet.

Peter da Silva

Jul 10, 1995
In article <3ti32b$5...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> When you use the english word "forgery", however, you are talking about
> something different than "all from the same person". Calling PGP a
> "forgery detector" means that you are concerned with the actual identity
> of the author, not just that it is the same person all the time.

Again, on Usenet "the actual identity of the author" is irrelevant unless
it means "the same person all the time".

You do realise that bringing in dictionary definitions to refute the use
of jargon is about Defcon II in the "stupid arguments in flame wars"
department. Why don't we just bring in Hitler and the Nazis right now
and end it?

The problem isn't that people are using different meanings for "forgery",
by the way. It's that you're not using the same meaning for "identity" as
everyone else in this discussion.

Peter da Silva

Jul 10, 1995
In article <3the7k$i...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> In article <id.8CD...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
> >In article <3t1eb5$6...@gaia.ucs.orst.edu>,
> >John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> >> There will be a lot of people that you don't want using PGP, then,
> >> because they will use it. How do you intend on stopping them?

> >Why do you want to?

> I don't. I was replying to someone who made the statement that people
> who don't understand PGP shouldn't be using it.

I agree. People who don't understand SSNs shouldn't be using them either.
I don't intend to stop them.

Michael Cramer

Jul 10, 1995
John Stanley (sta...@skyking.OCE.ORST.EDU) wrote:
: BUT, it takes more than using the name "John Stanley" to be making a
: claim that I wrote something. There are lots of "us". That is why my
: email address is more than just "John Stanley". Anyone who uses my
: email address in a posting IS making a claim that he is me, for there
: is but one sta...@skying.oce.orst.edu.

The idea of an email address is pointless. It's almost as easy to crack
accounts as it is to forge posts. The CONTENT of a post or email message
should tell you who it came from, not the "From:" line. If everyone used
some sort of digital signature method of authentication it wouldn't
matter WHAT email address a message came from. The proof of a usenet or
email authentication scheme's strength would be that I could post a
message from pres...@whitehouse.gov and have people actually believe
it was posted by ME, not the other way around. "From:" lines are
inherently insecure, so why should they matter?

A few conclusions inspired by this thread:

1) Forgery is simple the way usenet is set up right now.
2) PGP is an effective method for thwarting forgeries, but only under very
strict circumstances:
a) Users must ALWAYS sign their own posts. An unsigned post is completely
untrustable. If a signed post claims that an unsigned post is trustable,
don't believe it. Someone could have modified it upstream from your
machine.
b) PGP Keyrings bear the ultimate judgement over the trustability of a
post, so if you don't trust your keyring, you can't trust a post. Bad
key management will break the system. Anyone who uses PGP should
either understand the concepts behind this or they shouldn't bother
downloading it in the first place.
3) Because most people are too lazy to use PGP effectively, usenet is
ultimately untrustable, and always will be. But really, does this come
as a surprise to ANYONE?

--
Mike Cramer

Michael Cramer

Jul 11, 1995
John Stanley (sta...@skyking.OCE.ORST.EDU) wrote:
: >The CONTENT of a post or email message
: >should tell you who it came from, not the "From:" line.

: Ummm, if someone "cracks" an account, what does it matter if the From:
: line says who it is from or it says it in the message? It doesn't take
: a rocket scientist to type in the email address of an account you have
: cracked.

Again, you miss the point of what I'm saying. By "CONTENT" I mean WHAT is
said, not a line saying "Really! This is me!". If my mother sent me email
saying, "Mike, I want to divorce your father and have passionate, incestuous
sex with you." I could be absolutely sure it was a forgery, because my mother
would NEVER say something like that. PGP is another way to verify the CONTENT
of a message without having to say "Hmm...would my mother say this?" But as I
said, this can only work with proper use.

: > either understand the concepts behind this or they shouldn't bother
: > downloading it in the first place.

: Who is to stop them? Are you proposing some sort of exam on the concepts
: of public key cryptography prior to being allowed to "download" it? Like
: the currently silly and easily bypassable "citizenship test" some sites
: have implemented?

No. I'm saying that if someone doesn't take the time to learn how to use PGP
they have every right to do so, but it's not gonna make a damn bit of
difference. Their posts will still be as untrustable as if they had never
signed them in the first place. That's why I'm glad *I* get to decide
who's keys *I* am going to trust.

: > usenet is
: > ultimately untrustable, and always will be. But really, does this come
: > as a surprise to ANYONE?

: Of course not. Did you think it did?

I hoped not.

--
Mike Cramer

Peter da Silva

Jul 11, 1995
In article <3tkngj$o...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> In article <3tki5s$c...@panix3.panix.com>,
> Seth Breidbart <se...@panix.com> wrote:
> >Since my definition of "you" is "the guy who posted that first
> >article",

> Well, it's now clear that you are using an obtuse definition of
> forgery and have no desire to use what anyone else uses.

No, he's using the same definition of forgery as you.

It's "identity" that's getting you in trouble. As he pointed out in the
same article you quoted above.

So who the hell is John Stanley anyway?

There are 7 of them, plus a whole bevy of J. Stanleys, in the Houston phone
book. I'm sure Oregon is just swimming with them. The only John Stanley I
know of, though, is "the guy who posts these articles".

Why look, your identity is just as obtuse as Seth says it is.

Seth Breidbart

Jul 11, 1995
In article <3tnng4$5...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>In article <3tmvcl$h...@panix3.panix.com>,
>Seth Breidbart <se...@panix.com> wrote:
>
>>>I post a lot of things you like. Then I post something that says that
>>>Seth Breidbart is getting a big check from the IRS because "I" like
>>>him.
>>Seems strange that the "IRS" posting isn't signed with the IRS's key,
>>doesn't it?
>I said I was posting as Bill Clinton, not the IRS. What IRS posting are
>you yapping about?

OK. If you ever claimed to be the President of the US (rather than
some random person named Bill Clinton), then your articles are
forgeries. Since your key has never been signed by any official
agency, I have no reason to trust it.

>>>Are you really going to say that that article is not a forgery just
>>>because "Bill Clinton" posted, using a PGP key, things that you liked in
>>>the past, and this has the same key signature?
>>Nope. I'm going to think it's a forgery because I can't trace a chain
>>of trust leading to it.
>You just told me that your interpretation of "forged" dealt with
>knowing that the same person posted THIS that posted the previous
>things with the same name. What "chain of trust" is missing in this
>situation? You have tens or hundreds of things I posted as Bill
>Clinton, all signed. Now you have one thing that is signed with the
>same key, and suddenly you are going to think it is a forgery, even
>though it matches all the other things you have on hand.

That's right. The difference is, I have a reference for "Bill
Cli...@whitehouse.gov" while I don't have one for "John Stanley".

>Seems you have switched horses in mid-stream, and that 'real identity'
>suddenly IS important to the concept of forgery.

Nope; "identity" is. As I said before (and I thought you agreed
with), if my real name turns out to be Ian S. Breidbart, that doesn't
make my messages forgeries. (However, if I _claim_ that my real name
is Seth Breidbart and it isn't, that's the difference.)

The question of "identity" is who you claim to be identical to. If
one posting from "John Stanley <sta...@skyking.OCE.ORST.EDU>" is
produced by the same person as the other postings from him, then it
isn't a forgery. If you claim to be (identical to) the president of
the US, then your posting is a forgery.

Seth

John Stanley

Jul 11, 1995
In article <id.CNH...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>Again, on Usenet "the actual identity of the author" is irrelevant unless
>it means "the same person all the time".

Oh, come on, Peter. You have just told me that you would be harassing
the IRS for the check that Bill Clinton promised you.

>You do realise that bringing in dictionary definitions to refute the use

And just which dictionary did I quote from?


John Stanley

Jul 11, 1995
In article <id.5NH...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>I don't know John Stanley from Adam's Off Ox, but I do know "the person who
>posted these articles".

If you are referring to articles I post, then you either know me or you
don't. You can't say with one breath that you don't know me, and with
the next that you do.

>See my previous message on the subject of what identity means on Usenet.

Identity on USENET means the same as identity in RealNet, and your
"previous message" didn't prove otherwise.

By the way, Peter, I thought better of you than the old "see previous
message" trick.


John Stanley

Jul 11, 1995
In article <3trj6s$b...@wegener.ems.psu.edu>,
Michael Cramer <MikeC...@psu.edu> wrote:
>The idea of an email address is pointless.

Oh?

>It's almost as easy to crack
>accounts as it is to forge posts.

So?

>The CONTENT of a post or email message
>should tell you who it came from, not the "From:" line.

Ummm, if someone "cracks" an account, what does it matter if the From:
line says who it is from or it says it in the message? It doesn't take
a rocket scientist to type in the email address of an account you have
cracked.

>If everyone used
>some sort of digital signature method of authentication

And if wishes were horses...

>A few conclusions inspired by this thread:
>
>1) Forgery is simple the way usenet is set up right now.

A well known fact, known long before this thread.

>2) PGP is an effective method for thwarting forgeries, but only under very
> strict circumstances:

That is, I think, what I started out saying.

> b) PGP Keyrings bear the ultimate judgement over the trustability of a
> post,

Sorry. USERS of PGP bear the ultimate judgement.

> either understand the concepts behind this or they shouldn't bother
> downloading it in the first place.

Who is to stop them? Are you proposing some sort of exam on the concepts
of public key cryptography prior to being allowed to "download" it? Like
the currently silly and easily bypassable "citizenship test" some sites
have implemented?

>3) Because most people are too lazy to use PGP effectively,

And PGP has limitations on who may use it.

John Stanley

Jul 11, 1995
In article <id.WMI...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>There are 7 of them, plus a whole bevy of J. Stanleys, in the Houston phone
>book. I'm sure Oregon is just swimming with them. The only John Stanley I
>know of, though, is "the guy who posts these articles".

Peter, you really need to stop and think about what you just said there.
You know of 7 "John Stanley's" in just the Houston area, but then you
say the only one you know _of_ is me. One of those statements is false,
since they are contradictory.

Now, if you want to say "the only one I know [of] who is on USENET is the
one who posts these articles", that would be a different matter.

>Why look, your identity is just as obtuse as Seth says it is.

No, my identity is perfectly fine. Your grasp on what identity is is
tenuous. If you don't think people exist apart from USENET, then you
need to get away from it for awhile. If you think their sole identity
is what they post, then you really need to get out in public more.


John Stanley

Jul 11, 1995
In article <3tubr7$c...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>OK. If you ever claimed to be the President of the US (rather than
>some random person named Bill Clinton), then your articles are
>forgeries.

First of all, I said "posting as Bill Clinton from whitehouse.gov." Do
you know of more than one Bill Clinton that would have that address?

Second, yes, that's right, they would be forgeries, just like I have
been saying. It doesn't matter if I post 100 articles with that name,
they would all be forgeries. Even if all of them are signed by the same
key.

>Since your key has never been signed by any official
>agency, I have no reason to trust it.

Well, I didn't say you trusted it because it was signed by any
"official agency". I don't know why you might trust it. Maybe you trust
it because you got it from a reliable keyserver. And I didn't say you
SHOULD trust it, just that you might trust it for that reason. (Who are
the PGP official agencies who are signing keys these days?)

>That's right. The difference is, I have a reference for "Bill
>Cli...@whitehouse.gov" while I don't have one for "John Stanley".

What reference are you talking about?

>Nope; "identity" is.

Yep. But you have told me that identity is "same person posted this as
posted the previous thing". It is completely irrelevant who posted any
previous articles. If the article you are looking at right now did not
come from the person that it claims to have come from, it is a
forgery.

>As I said before (and I thought you agreed
>with), if my real name turns out to be Ian S. Breidbart, that doesn't
>make my messages forgeries. (However, if I _claim_ that my real name
>is Seth Breidbart and it isn't, that's the difference.)

No, it isn't a difference. You can call yourself whatever you want,
as long as it isn't claiming to be someone else.

>The question of "identity" is who you claim to be identical to.

That's a hoot. I don't claim to be identical to anyone. Who do YOU
claim to be identical to? Are you not an individual?

>If
>one posting from "John Stanley <sta...@skyking.OCE.ORST.EDU>" is
>produced by the same person as the other postings from him, then it
>isn't a forgery.

I don't know whether to agree with that statement or not, because I
don't know if you are referring to people or email addresses when you
say "from John Stanley...".

If you are referring to people, then I agree. If one posting from me is
produced by the same person who produced other postings from me, then
that posting is not a forgery. But the "produced by the same person"
part is completely irrelevant in that case. You can stop at "If one
posting which claims to come from me is produced by me..." there is no
forgery.

IF, on the other hand, you are referring to what I think you mean by
USENET identity, then I vehemently disagree. The "posting history" is
still irrelevant, however. It doesn't matter if you have 4000 articles
all previously posted with an email address of mine on them, if the
article you have in your hands right now claims to have come from me but
did not, it is a forgery. Period. End of sentence.

>If you claim to be (identical to) the president of
>the US, then your posting is a forgery.

Yep. And it wouldn't matter if you had 1,000,000 other postings from me
claiming to be Billy, the one telling you to expect a check from the IRS
is still a forgery. Even if it is signed by the same private key all
million other articles are signed by.

In other words, who the person really is does make a difference.


John Stanley

Jul 11, 1995
In article <3tu659$1...@wegener.ems.psu.edu>,
Michael Cramer <MikeC...@psu.edu> wrote:
>Again, you miss the point of what I'm saying. By "CONTENT" I mean WHAT is
>said, not a line saying "Really! This is me!".

Umm, so if someone asks the question "which RFC specifies USENET protocols",
you think you will be able to identify who said "RFC 1036" by just that?

>PGP is another way to verify the CONTENT
>of a message without having to say "Hmm...would my mother say this?" But as I

PGP is a way of knowing that the content was not changed from the time
the author signed the article. It doesn't tell you if your mother would
say such a thing.


John Stanley

Jul 12, 1995
In article <3u0l5o$b...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>In article <3tuph3$q...@gaia.ucs.orst.edu>,
>John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
>>In article <3tubr7$c...@panix3.panix.com>,
>>Seth Breidbart <se...@panix.com> wrote:
>>First of all, I said "posting as Bill Clinton from whitehouse.gov." Do
>>you know of more than one Bill Clinton that would have that address?
>
>Nope; in fact, I don't know of any. <pres...@whitehouse.gov> is a
>valid email address.

If you don't know of anyone with the name Bill Clinton who might have a
whitehouse.gov address, you haven't been reading the newspapers for a
very long time. Whether you know him is a different question, but you
certainly must know of him. In fact, you tell me later on that you have
a "physical reference" to him. If you have a physical reference to him,
how can you not know of him?

>>Well, I didn't say you trusted it because it was signed by any
>>"official agency". I don't know why you might trust it. Maybe you trust
>>it because you got it from a reliable keyserver.
>
>There's _no such thing_.

Sorry, I used the term "reliable" not in the crypto sense but in the
sense "advertised, on the net, quickly responding, from which people
get keys without having to ask several times..."

>> (Who are
>>the PGP official agencies who are signing keys these days?)
>
>None. That's an even better reason not to trust it.

Then what "official agency" were you referring to?

>Precisely. Now, the question is, who does it claim to come from? To
>me, it claims to come from the same person who posted the other
>articles under that name.

Whether it is the same person as before or not is irrelevant. "Same
person as last time" just doesn't factor in to the definition of
forgery. I have already given you more than enough examples of why it
cannot.

>It doesn't claim to come from a person with
>a specified SS#, or who lives at a specified address, or anything else
>that might identify you in the real world.

It claims to come from a person with a specific email address. Now, you
may feel that your name and email address aren't sufficient to identify
which person of the 4 billion there are currently, but, if I hired a
private eye to track you down based on just that, I bet he would be able
to poke you in the ribs in not too long a time.

>>If you are referring to people, then I agree. If one posting from me is
>>produced by the same person who produced other postings from me, then
>>that posting is not a forgery. But the "produced by the same person"
>>part is completely irrelevant in that case. You can stop at "If one
>>posting which claims to come from me is produced by me..." there is no
>>forgery.
>
>Precisely what I'm saying.

No, it is not. You keep talking about "the same person who posted
before". I am talking about the same person that the article claims to
be from. There is no "before". There is one article. If it claims to
come from me, and does, it is not a forgery. If it claims to come from
me, and does not, it is a forgery. Even if I had never posted another
thing before in my life.

>Now, the question is, what is the referent
>of the pronoun "me" in your sentence? To me (that is, to Seth
>Breidbart), the referent is "the person who posted all those other
>articles".

It is not. When I say "me", I mean me. Right now, "me" is sitting at
this terminal, typing on this keyboard. Whether I have posted articles
in the past is irrelevant to the definition of "me".

There may not be any other articles. The person who posted all those
other articles may be someone else. A posting that comes from the real
Bill Clinton, and claims to come from the real Bill Clinton, is not a
forgery just because I have already forged 100 earlier articles
claiming to come from him. His article does not come from "the same
person who posted all those other articles". That's irrelevant. It is
still not a forgery.

>>In other words, who the person really is does make a difference.
>
>I agree. My point is that "who the person really is" is _subjective_,
>in that the meaning of the phrase (properly) differs among different
>people.

"Who the person really is" is a physical thing. When people talk about
"me", they don't mean "the person who is posting things using my name",
they mean themselves. The physical entity.


John Stanley

Jul 12, 1995
In article <id.KRJ...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>So he knows that this article is posted by the same guy who posted the
>other articles.

Yep. That's all. But "same guy as before" doesn't mean "not a forgery".
That criterion is not sufficient.

>That doesn't tell him it's the President of the USA
>unless he has other evidence that the guy calling himself Bill Clinton
>is the same Bill Clinton you had the opportunity to vote for a couple
>years back. That's the missing link in the chain of trust.

Yep.

>You know, John, I know you're bright enough to figure this out without
>it being spelled out in detail...

Peter, you should be bright enough to have figured out that I am the one
who DOESN'T think an article claiming to be from Bill Clinton is real
just because I have collected a dozen or a hundred others all signed
with the same key. You should have noticed that I am the one who is
saying that prior articles are irrelevant when determining if this
article is a forgery or not.

Maybe not.


John Stanley

Jul 12, 1995
In article <3u1jt7$m...@panix3.panix.com>,
Seth Breidbart <se...@panix.com> wrote:
>OK, tell us under what circumstances a post from henry or
>Cancelmoose[tm] might be considered forged.

Well, let's start with Cancelmoose[tm]. That one is easy. If it says it
comes from Cancelmoose[tm] but does not.

Now, assuming that henry's posting is a legal USENET article, then it,
too, would be a forgery if it was not written by the henry it claims to
have been written by.

>For that matter, what about a post from autoGeoff?

I assume that "autoGeoff" is an automated poster? Well, someone set it
up, so there is someone at the bottom of it. Think about it for a minute
and see if you can apply precedent to figure out an answer.


Seth Breidbart

Jul 12, 1995
Followups de-Boursified.

In article <3tuph3$q...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:

>In article <3tubr7$c...@panix3.panix.com>,
>Seth Breidbart <se...@panix.com> wrote:
>>OK. If you ever claimed to be the President of the US (rather than
>>some random person named Bill Clinton), then your articles are
>>forgeries.

>First of all, I said "posting as Bill Clinton from whitehouse.gov." Do
>you know of more than one Bill Clinton that would have that address?

Nope; in fact, I don't know of any. <pres...@whitehouse.gov> is a
valid email address.

>Well, I didn't say you trusted it because it was signed by any
>"official agency". I don't know why you might trust it. Maybe you trust
>it because you got it from a reliable keyserver.

There's _no such thing_. A keyserver just gives me keys and signed
keys (that is, signed statements that some key belongs to some
individual). An ftp site that allows arbitrary upload and download is
a keyserver. Now, some keyservers might choose to sign some keys, but
that's an independent operation.

> And I didn't say you
>SHOULD trust it, just that you might trust it for that reason.

Or I might not, for better reasons.

> (Who are
>the PGP official agencies who are signing keys these days?)

None. That's an even better reason not to trust it.

>>That's right. The difference is, I have a reference for "Bill
>>Cli...@whitehouse.gov" while I don't have one for "John Stanley".
>What reference are you talking about?

A real-world one.

>>Nope; "identity" is.
>Yep. But you have told me that identity is "same person posted this as
>posted the previous thing". It is completely irrelevant who posted any
>previous articles. If the article you are looking at right now did not
>come from the person that it claims to have come from, it is a
>forgery.

Precisely. Now, the question is, who does it claim to come from? To
me, it claims to come from the same person who posted the other
articles under that name. It doesn't claim to come from a person with
a specified SS#, or who lives at a specified address, or anything else
that might identify you in the real world.

>>The question of "identity" is who you claim to be identical to.
>
>That's a hoot. I don't claim to be identical to anyone. Who do YOU
>claim to be identical to? Are you not in individual?

I claim to be identical to myself. I claim to be identical to the
person who posted the article you're replying to.

>>If
>>one posting from "John Stanley <sta...@skyking.OCE.ORST.EDU>" is
>>produced by the same person as the other postings from him, then it
>>isn't a forgery.
>I don't know whether to agree with that statement or not, because I
>don't know if you are referring to people or email addresses when you
>say "from John Stanley...".

>If you are referring to people, then I agree. If one posting from me is
>produced by the same person who produced other postings from me, then
>that posting is not a forgery. But the "produced by the same person"
>part is completely irrelevant in that case. You can stop at "If one
>posting which claims to come from me is produced by me..." there is no
>forgery.

Precisely what I'm saying. Now, the question is, what is the referent
of the pronoun "me" in your sentence? To me (that is, to Seth
Breidbart), the referent is "the person who posted all those other
articles". To anybody who knows you in the real world, the referent
is the real person they know.

>In other words, who the person really is does make a difference.

I agree. My point is that "who the person really is" is _subjective_,
in that the meaning of the phrase (properly) differs among different
people.

Seth


Michael Cramer

Jul 12, 1995
John Stanley (sta...@skyking.OCE.ORST.EDU) wrote:
: >Again, you miss the point of what I'm saying. By "CONTENT" I mean WHAT is
: >said, not a line saying "Really! This is me!".

: Umm, so if someone asks the question "which RFC specifies USENET protocols",
: you think you will be able to identify who said "RFC 1036" by just that?

No. But it also wouldn't matter. I wouldn't really care if someone forged a
post in my name asking "which RFC specifies USENET protocols". But PGP gives
users a method of authenticating the writer of even that question.

: >PGP is another way to verify the CONTENT
: >of a message without having to say "Hmm...would my mother say this?" But as I

: PGP is a way of knowing that the content was not changed from the time
: the author signed the article. It doesn't tell you if your mother would
: say such a thing.

But proper key management would. There are two sides to PGP: making sure the
content hasn't been changed, and making sure the key belongs to who it claims
to belong to. Neither of these will tell me if my mother WOULD say such a
thing. But they will tell me if she DID say it.

--
Mike Cramer
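
The two checks Cramer separates above (content unchanged, and key belongs to who it claims to), together with the "chain of trust" Seth describes earlier in the thread and the point that tens or hundreds of earlier posts signed with the same key prove only "same key as before", as an added example that is not part of this thread and is not PGP itself. It uses Ed25519 from Go's standard library in place of PGP's algorithms, a made-up certification format (certBytes), freshly generated keys, and a constructed post text; the names Certify, KeyBelongsTo, SignPost, VerifyPost and Keyring are this example's own.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Certification: a signed statement by Signer that Key belongs to UID.
// This is the only thing that ties a key to a name; a post signature never does.
type Certification struct {
	Signer ed25519.PublicKey
	Key    ed25519.PublicKey
	UID    string
	Sig    []byte
}

// certBytes is the byte string an introducer signs (hypothetical format).
func certBytes(key ed25519.PublicKey, uid string) []byte {
	return append([]byte("cert\x00"+uid+"\x00"), key...)
}

// Certify: the holder of signerPriv vouches that key belongs to uid.
func Certify(signerPriv ed25519.PrivateKey, key ed25519.PublicKey, uid string) Certification {
	return Certification{
		Signer: signerPriv.Public().(ed25519.PublicKey),
		Key:    key,
		UID:    uid,
		Sig:    ed25519.Sign(signerPriv, certBytes(key, uid)),
	}
}

// SignPost and VerifyPost are the article-level check. VerifyPost answers one
// question only: was body signed by whoever holds the private half of key?
func SignPost(priv ed25519.PrivateKey, body []byte) []byte {
	return ed25519.Sign(priv, body)
}

func VerifyPost(key ed25519.PublicKey, body, sig []byte) bool {
	return ed25519.Verify(key, body, sig)
}

// Keyring: collected certifications plus the keys you chose to accept as introducers.
type Keyring struct {
	trusted map[string]bool
	certs   []Certification
}

func NewKeyring(introducers ...ed25519.PublicKey) *Keyring {
	kr := &Keyring{trusted: map[string]bool{}}
	for _, k := range introducers {
		kr.trusted[string(k)] = true
	}
	return kr
}

func (kr *Keyring) Add(c Certification) { kr.certs = append(kr.certs, c) }

// KeyBelongsTo is the identity check: true only if a trusted introducer has validly
// certified (key, uid). Self-signatures and untrusted certifiers count for nothing.
func (kr *Keyring) KeyBelongsTo(key ed25519.PublicKey, uid string) bool {
	for _, c := range kr.certs {
		if !kr.trusted[string(c.Signer)] || c.UID != uid || string(c.Key) != string(key) {
			continue
		}
		if ed25519.Verify(c.Signer, certBytes(c.Key, c.UID), c.Sig) {
			return true
		}
	}
	return false
}

func main() {
	// Keys are generated on the spot; the post text is constructed for the demo.
	poster, posterPriv, _ := ed25519.GenerateKey(rand.Reader)
	introducer, introducerPriv, _ := ed25519.GenerateKey(rand.Reader)
	// A hundred earlier posts, all signed by the same key, all verifying.
	for i := 0; i < 100; i++ {
		body := []byte(fmt.Sprintf("post %d signed as 'Bill Clinton'", i))
		if !VerifyPost(poster, body, SignPost(posterPriv, body)) {
			panic("signature should verify")
		}
	}
	// The 101st verifies too: same key as the other hundred. That is all it proves.
	body := []byte("Seth Breidbart is getting a big check from the IRS")
	sig := SignPost(posterPriv, body)
	fmt.Println("same key as the earlier posts:", VerifyPost(poster, body, sig))
	uid := "president@whitehouse.gov"
	kr := NewKeyring(introducer)
	fmt.Println("certified as", uid, "by a trusted introducer:", kr.KeyBelongsTo(poster, uid))
	// A self-signature changes nothing: the poster is not on the trusted list.
	kr.Add(Certify(posterPriv, poster, uid))
	fmt.Println("after self-certification:", kr.KeyBelongsTo(poster, uid))
	// Only a certification by a key you chose to trust closes the chain.
	kr.Add(Certify(introducerPriv, poster, uid))
	fmt.Println("after the trusted introducer certifies:", kr.KeyBelongsTo(poster, uid))
}
```

The split into VerifyPost and KeyBelongsTo is the design point: the first is decided by mathematics and is the same for everyone, the second is decided by whose certifications you put on your own trusted list, which is why two readers can legitimately disagree about whether the same signed article is a forgery.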

Peter da Silva

Jul 12, 1995
In article <3tnng4$5...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> You just told me that your interpretation of "forged" dealt with
> knowing that the same person posted THIS that posted the previous
> things with the same name. What "chain of trust" is missing in this
> situation? You have tens or hundreds of things I posted as Bill
> Clinton, all signed. Now you have one thing that is signed with the
> same key, and suddenly you are going to think it is a forgery, even
> though it matches all the other things you have on hand.

So he knows that this article is posted by the same guy who posted the
other articles. That doesn't tell him it's the President of the USA
unless he has other evidence that the guy calling himself Bill Clinton
is the same Bill Clinton you had the opportunity to vote for a couple
years back. That's the missing link in the chain of trust.

You know, John, I know you're bright enough to figure this out without
it being spelled out in detail...

Seth Breidbart

unread,
Jul 12, 1995, 3:00:00 AM7/12/95
to
In article <3tumpa$m...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:

>No, my identity is perfectly fine. Your grasp on what identity is is
>tenuous. If you don't think people exist apart from USENET, then you
>need to get away from it for awhile. If you think their sole identity
>is what they post, then you really need to get out in public more.

OK, tell us under what circumstances a post from henry or
Cancelmoose[tm] might be considered forged.

For that matter, what about a post from autoGeoff?

Seth

John Stanley

unread,
Jul 13, 1995, 3:00:00 AM7/13/95
to
In article <id.PTK...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
>I know "John Stanley <sta...@skyking.OCE.ORST.EDU>".

You know the address. You don't know me.

>If I ran into you at
>Usenix, say, I wouldn't have the faintest idea who you were until you
>established a unity of identity by, for example, commenting on this message.

"Unity of identity"? Oh, come on, Peter.

Of course, you may not be able to point to me and say "that is the
person who posts as ....", but that certainly doesn't mean that I don't
exist. That doesn't make some other person who posts with that address
me.


Peter da Silva

unread,
Jul 13, 1995, 3:00:00 AM7/13/95
to
In article <3tskrt$j...@gaia.ucs.orst.edu>,
John Stanley <sta...@skyking.OCE.ORST.EDU> wrote:
> In article <id.CNH...@nmti.com>, Peter da Silva <pe...@nmti.com> wrote:
> >Again, on Usenet "the actual identity of the author" is irrelevant unless
> >it means "the same person all the time".

> Oh, come on, Peter. You have just told me that you would be harassing
> the IRS for the check that Bill Clinton promised you.

Not unless I were to believe that "cli...@whitehouse.gov" was "William
whatever Clinton, President of the US, SS# whatever, etc etc...".

All I care is that this Bill Clinton is the same Bill Clinton I have been
trading recipes for Arkansas Pound Cake with. If he wants to make a joke
based on him having the same name as the president, that's fine.
