Hi Charles, > The problem with the two existing Netnews protocols is that they are (a) > different and (b) inflexible. Whether they would be changed to be DOSETA > based at this late stage is doubtful, but certainly possible. But for sure > they would need different key management protocols, because the signatures > would NOT be on behalf of a domain.
I've played in that pool as well (see Usenet Death Penalty in Wikipedia– I don't know if it's accurate or not). But you're mixing identification & key management with authorization. Here are two simple approaches to tackle netnews: Have a single domain administered by an organization where they delegate out keys into subdomains such as the following: news.admin.example.com. comp.lang.c.example.com. OR Have someone at example.com maintain a list trusted domains for a particular newsgroup. This has the added benefit of not requiring additional canonicalization (e.g. what do you do with comp.lang.c++)? Of course, I must admit that I hadn't realized anyone used netnews anymore. Is it not completely swamped with spam? I really have been out of that scene for over a decade (or more). Eliot _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
