Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site noao.UUCP
Path: utzoo!utcs!lsuc!pesnta!amd!noao!parks
From: parks@noao.UUCP (Jay Parks)
Newsgroups: net.news.stargate
Subject: how to verify an article's submitter
Message-ID: <462@aquila.noao.UUCP>
Date: Mon, 11-Feb-85 14:09:24 EST
Article-I.D.: aquila.462
Posted: Mon Feb 11 14:09:24 1985
Date-Received: Tue, 12-Feb-85 14:23:36 EST
Organization: Natl. Optical Astronomy Observatories, Tucson, AZ USA
Lines: 96

A significant problem with accountability and liability of Usenet
submissions is that the author of an article may be impossible to
trace, or conversely, easy to trace but it may be impossible to prove
that he was actually responsible.  This is a suggestion on how to
solve this problem.

     Public-key cryptography.  First off, I am not a cryptographer, and 
as far as I know there are no REALLY secure public-key systems.  We
are not dealing with military or top-flight financial information though, 
so as long as the public key system is as secure as a personal signature 
or driver's license (both of which can be faked), it should be sufficient 
for our needs.

     Another problem would be the need for a general directory of all
stargate submitters, with their names, addresses, and submission site
included.  Some people will probably view this with paranoia, but
these requirements are really no worse than those required to send a
letter to the editor of a major newspaper.  Also, it should be possible
to remove your identity from a posting (although the moderator would
still know -- more on this in a minute).

     As I picture it, the system would work like this:

     When a new poster wished to obtain stargate privileges, he would
select a public and private key.  He would write an electronic
document stating:  His real name, his address, his usenet name (or
nickname), his site.  He would then encrypt this with his private key,
and go to his system administrator.  The administrator would take the
encrypted file, check it (to make sure it could be decrypted with the
public key), then encrypt it with HIS private key.  He would then make
a hard copy of this double-encrypted page, and both people would
(physically) sign it, and send it to a special stargate moderator.
They would also electronically send the double-encrypted file.

     The stargate moderator to receive this would be the moderator of
a special group called NET.DIRECTORY.  He would receive the hard and
electronic affidavits, and file both.  Then, he would update his
listing of a regular posting called DIRECTORY, which would contain the
usenet nickname, the public key, and other information if desired.  He
would retain reliable proof that anything which could be decrypted
with that person's public key, was actually sent by them.

     All of this would be used by moderators and submitters only.  It
should not be noticeable to readers.

     To send an article, the submitter would use the following steps:
He would write his article using a regular editor.  When he had it
properly spelled and edited to his satisfaction, he would send the
file through a routine called PUB-CRYPT, and save the new file.  He
would then use the POSTNEWS (or MAIL, or whatever) and prepare to 
send the article to the moderator of the desired stargate groups.  
Whatever method is finally decided to send these articles to their
moderators (an 800 number, regular mail, or some other means), the
moderator would eventually receive a regular header and encrypted
text.  Looking through his directory file, he would use the site and
poster name to decrypt the file, thus verifying the poster.  If
necessary, he could strip site and name information from the posting
(The equivalent of "name withheld by request".  The newspapers that do
this still keep the original, with its name and address, they just
don't PUBLISH this information.).  The moderator then takes this final
article and posts it directly to stargate.

     I have, perhaps, gone into too much detail here.  The method
provides the following advantages:

---  It is at least as secure as regular means of identification
(driver's license, social security number, signature).

---  It can be easily added to all existing software by the simple
addition of a program called PUB-CRYPT, which would do public key
cryptography.  No new news software needs to be created (although the
overworked moderators would doubtlessly begin to want some).

---  It could be easily expanded to handle people who are not standard
unix users, who wish to join the system:  People with personal
computers who wish to submit directly to moderators, non-unix
academic machines who eventually link up to stargate, etc.  This
should be considered if Usenet continues to grow.

---  It can provide security, while hiding the identity of the poster
(except to the moderator), if we wish to.  Actually, this feature is
considered just to forestall arguments by those who will be afraid of
the abuses of the system.  All you need is ONE trustworthy moderator
to make the system work (he can strip off the encryption and
identification).

---  We can increase security, and protect submitters better by making 
the group NET.DIRECTORY only available to moderators.  I suppose this
would make the system a semi-public key.  

                           submitted for your approval,
                                     Jay Parks

             (decvax!hao!ihnp4!seismo)!noao!parks  :uucp
             Kitt Peak National Observatory        :U.S. Snail
             950 N. Cherry, Tucson, AZ  85726
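
The enrollment and submission flow described in the post above, sketched as an added example that is not part of the original article. It uses hash-then-sign signatures in place of the post's encrypt-with-the-private-key step, and toy textbook RSA over fixed Mersenne primes, which is not secure. The `Directory` class, the function names and the sample poster are assumptions made for illustration.

```python
import hashlib, json
E = 65537  # public exponent shared by every toy key below

def keypair(p, q):  # textbook RSA from two known primes -> (public n, private d)
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def _h(msg, n):  # SHA-256 digest reduced into the toy modulus
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg, n, d):  # stands in for the submitter's PUB-CRYPT step
    return pow(_h(msg, n), d, n)

def verify(msg, sig, n):  # the moderator's check against a directory key
    return pow(sig, E, n) == _h(msg, n)

class Directory:  # moderator's NET.DIRECTORY: (site, nickname) -> (key, affidavit)
    def __init__(self, admin_keys):
        self.admin_keys, self.entries = admin_keys, {}

    def enroll(self, body, poster_n, poster_sig, admin_sig):
        doc = json.loads(body)  # site and nickname are read from the signed affidavit
        admin_n = self.admin_keys.get(doc["site"])
        # The poster signs the affidavit; the admin countersigns affidavit + signature.
        ok = (admin_n is not None and verify(body, poster_sig, poster_n)
              and verify(body + str(poster_sig).encode(), admin_sig, admin_n))
        if ok:
            self.entries[(doc["site"], doc["nickname"])] = (poster_n, doc)
        return ok

    def accept(self, site, nick, article, sig, withhold=False):
        entry = self.entries.get((site, nick))
        if entry is None or not verify(article, sig, entry[0]):
            return None  # unknown poster or bad signature: do not post
        who = "name withheld" if withhold else f"{site}!{nick}"
        return {"from": who, "body": article.decode()}

# Constructed sample data: Mersenne-prime toy keys and a made-up poster.
POSTER_N, POSTER_D = keypair(2**61 - 1, 2**89 - 1)
ADMIN_N, ADMIN_D = keypair(2**107 - 1, 2**127 - 1)
DOC = json.dumps({"name": "A. Poster", "address": "1 Example St",
                  "nickname": "aposter", "site": "examplevax"}).encode()

def demo():  # returns (enrolled, accepted article, forged article)
    d = Directory({"examplevax": ADMIN_N})
    psig = sign(DOC, POSTER_N, POSTER_D)
    asig = sign(DOC + str(psig).encode(), ADMIN_N, ADMIN_D)
    art = b"Stargate test article"
    return (d.enroll(DOC, POSTER_N, psig, asig),
            d.accept("examplevax", "aposter", art, sign(art, POSTER_N, POSTER_D), True),
            d.accept("examplevax", "aposter", art, sign(art, ADMIN_N, ADMIN_D)))
```

The third result is an article signed with a key other than the one filed in the directory, which the moderator's check rejects; the moderator's entry still holds the full affidavit even when the posted copy carries "name withheld".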