The problem with this is that the denial of service attack just moves. Hostile parties just start sending bogus signed messages, (i.e. formatted random numbers), and it is very costly for the mail exploder to check the signatures, and they shut down the list server, by this. One day perhaps in 2007, we may be able to exchange cryptographicly signed messages, and trust the systems we use, but there are still a number of problems to solve before you should think about doing that. (Anytime it cost the attacker less than the victim, particuarlly when its several orders of magnitude difference, these attack will continue and the protocols to avoid them are complex and not generally understood, although a lot of the TCP syn attack stuff, will apply, i.e. compressed state, selective discard, etc.) In message <19971119103745.03601@Mars.Mcs.Net>, Karl Denninger writes:
On Wed, Nov 19, 1997 at 11:54:15AM -0500, Dorn Hetzel wrote:
That's something I would ABSOLUTELY support.
On Tue, Nov 18, 1997 at 01:57:32PM -0800, Vadim Antonov wrote:
Aaron Beck wrote:
is it time to make the list moderated? :)
No. But it is time to start rejecting messages which are not PGP-signed with a registered key.
--vadim
Hmmm.... now that's an interesting idea. I don't know if my key is registered, but I have no problem with doing so if necessary.... (I believe that Dorn did certify it some time ago :-)
--- Jeremy Porter, Freeside Communications, Inc. jerry@fc.net PO BOX 80315 Austin, Tx 78708 | 1-800-968-8750 | 512-458-9810 http://www.fc.net