ietf-nntp BCP for RFC977 server/RFC1036 interaction
mouse at Rodents.Montreal.QC.CA
Thu Apr 10 07:42:49 PDT 1997
>> If you insist on only "guaranteed" (for some random definition)
>> identity information being included, you probably might as well not
>> bother defining the header, because it will be used so rarely as to
>> be useless.
> And from my viewpoint, if you don't trust the information you get
> then it is a mistake to put it out.
This is a point of view with which I strongly disagree. :-)
Speaking as a putative news admin, I would insert n-p-h (or moral
equivalent) so I know where I got the article from; I would insert
n-p-u (or ditto) for the same reason I save pidentd information in mail
Received: headers or tcp-wrappers logs: I don't know how trustworthy it
is, but if I have occasion to push a complaint back to that host, I
have no excuse for not providing information that is presumably
provided to me because the remote host wants to be able to get it back.
Personally, I would also insert another header, called something like
NNTP-Posting-Server-Signature: with a signature that covers those
aspects of the article that shouldn't change (certainly n-p-h and
n-p-u) as protection against forged complaints to me. This doesn't
need to be a signature in the public-key sense; after all, it doesn't
have to be publicly checkable.
> Philosophical difference we're unlikely to resolve until you admit
> I'm right. :)
No no no, you've got it all backward. _You_ need to admit _I_'m right.
mouse at rodents.montreal.qc.ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
More information about the ietf-nntp