usefor-article-10 April 2003
[< Prev]
[TOC] [ Next >]
7.1. Digital Signature of Headers
It is most desirable that group control messages (7.2) in particular
be authenticated by incorporating them within some digital signature
scheme that encompasses other headers closely associated with them
(including at least the Approved-, Message-ID- and Date-headers). At
the time of writing, this is usually done by means of a protocol
known as "PGPverify" ([PGPVERIFY]), and continued usage of this is
encouraged at least as an interim measure.
However, PGPverify is not considered suitable for standardization in
its present form, for various technical reasons. It is therefore
expected that an early extension to this standard will provide a
robust and general purpose digital authentication mechanism with
applicability to all situations requiring protection against
malicious use of, or interference with, headers. That extension
would also address other Netnews security issues.
[< Prev]
[TOC] [ Next >]
#Diff to first older
--- ../usefor-article-09/Digital_Signature_of_Headers.out February 2003
+++ ../usefor-article-10/Digital_Signature_of_Headers.out April 2003