usefor-usepro-03 February 2005
[< Prev]
[TOC] [ Next >]
6.1. Digital Signature of Headers
It is most desirable that group control messages (6.2) in particular
be authenticated by incorporating them within some digital signature
scheme that encompasses other headers closely associated with them
(including at least the Approved, Message-ID and Date headers). At
the time of writing, this is usually done by means of a protocol
known as "PGPverify" ([PGPVERIFY]), and continued usage of this is
encouraged at least as an interim measure.
However, PGPverify is not considered suitable for standardization in
its present form, for various technical reasons. It is therefore
expected that an early extension to this standard will provide a
robust and general purpose digital authentication mechanism with
applicability to all situations requiring protection against
malicious use of, or interference with, headers. That extension
would also address other Netnews security issues.
[< Prev]
[TOC] [ Next >]
#Diff to first older
--- ../usefor-usepro-02/Digital_Signature_of_Headers.out December 2004
+++ ../usefor-usepro-03/Digital_Signature_of_Headers.out February 2005
@@ -3,7 +3,7 @@
It is most desirable that group control messages (6.2) in particular
be authenticated by incorporating them within some digital signature
scheme that encompasses other headers closely associated with them
- (including at least the Approved-, Message-ID- and Date-headers). At
+ (including at least the Approved, Message-ID and Date headers). At
the time of writing, this is usually done by means of a protocol
known as "PGPverify" ([PGPVERIFY]), and continued usage of this is
encouraged at least as an interim measure.