r341 - scripts/trunk

Anderson Lizardo lizardo at linuxfromscratch.org
Wed Jun 29 17:32:02 PDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Archaic wrote:
> [...]
> What checks will prevent people not authorized to create news items from
> spoofing an email, etc?

The signed PGP keys which most of us have now. As I said on the initial
RFC, if a mail-driven news posting system would be implemented for www2,
it would use a list of allowed public keys for authentication and
authenticity check. This way, the message that contains the news post
should be signed by someone who is listed on this list, and
manage_news2.pl would drop any other messages that don't match the list.

- --
Anderson Lizardo
lizardo at linuxfromscratch.org
http://www.linuxfromscratch.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCwz2CkzNmn+NRHHoRAkfOAKCUNKnl12VhKhz4t42kubpZ3DjuAACfYNGw
MvNVLwL9ouNVleswmScnaqY=
=LTtp
-----END PGP SIGNATURE-----

	
	
		
_______________________________________________________ 
Yahoo! Acesso Grátis - Internet rápida e grátis. 
Instale o discador agora! http://br.acesso.yahoo.com/



More information about the website mailing list