home *** CD-ROM | disk | FTP | other *** search
- Path: senator-bedfellow.mit.edu!dreaderd!not-for-mail
- Message-ID: <computer-security/keydist-faq_1083064259@rtfm.mit.edu>
- Supersedes: <computer-security/keydist-faq_1080393689@rtfm.mit.edu>
- Expires: 10 Jun 2004 11:10:59 GMT
- X-Last-Updated: 2003/12/28
- From: Michael Bauser <faqs@bauser.com>
- Subject: alt.security.keydist Frequently Asked Questions
- Newsgroups: alt.security.keydist,demon.security.keys,alt.answers,news.answers
- Followup-To: poster
- Organization: The alt.security.keydist Preservation Society
- Approved: news-answers-request@MIT.EDU
- Summary: This article explains how to distribute public encryption keys through the newsgroup alt.security.keydist
- Article-Names: alt.security.keydist:faq
- Originator: faqserv@penguin-lust.MIT.EDU
- Date: 27 Apr 2004 11:12:08 GMT
- Lines: 164
- NNTP-Posting-Host: penguin-lust.mit.edu
- X-Trace: 1083064328 senator-bedfellow.mit.edu 576 18.181.0.29
- Xref: senator-bedfellow.mit.edu alt.security.keydist:1778 alt.answers:72689 news.answers:270591
-
- Archive-Name: computer-security/keydist-faq
- Posting-Frequency: monthly
- Last-Modified: 23 December 2003
- Alt-security-keydist-archive-name: faq
- Demon-security-keys-archive-name: alt-security-keydist-faq
- URL: http://www.bauser.com/alt.security.keydist/FAQ.html
-
- -----BEGIN PGP SIGNED MESSAGE-----
- Hash: SHA1
-
- - ------------------------------
-
- Subject: Introduction
-
- This is a list of Frequently Asked Questions (and answers) for the
- unmoderated newsgroup alt.security.keydist. It explains the purpose of the
- newsgroup and how to efficiently distribute public encryption keys using
- alt.security.keydist. It is a very short FAQ.
-
- This FAQ assumes you have a basic working knowledge of your chosen
- encryption software. If you need more information about particular
- software, please try the resources listed at the end of this FAQ.
-
- - ------------------------------
-
- Subject: Contents of this FAQ.
-
- 1. Introduction
- 2. Contents of this FAQ.
- 3. What is this newsgroup for?
- 4. Why not just use a keyserver?
- 5. How do I post my key to alt.security.keydist?
- 6. Should I post my key to other newsgroups?
- 7. Further information about specific PKE software.
-
- - ------------------------------
-
- Subject: What is this newsgroup for?
-
- This is the charter from Jonathan Haas's original newgroup message, posted
- 28 February 1993:
-
- > For your newsgroups file:
- > alt.security.keydist Exchange of keys for public key encryption systems
- >
- > This group is for people who use public key encryption systems such as
- > PGP or RIPEM to have a place to exchange public keys.
-
- Jonathan's entire control message is archived at
- ftp://ftp.uu.net/usenet/control/alt/alt.security.keydist
-
- - ------------------------------
-
- Subject: Why not just use a keyserver?
-
- Although I'm sure many people have many different reasons for using this
- newsgroup, there are two major ones:
-
- First, there are several public key encryption (PKE) systems (such as
- InvisiMail, Puffer, RIPEM, Vouch, and Sifr) that do not have keyserver
- networks. A newsgroup can serve as a de facto keyserver forusers of those
- systems.
-
- Second, even for PKE systems with established keyservers (i.e. PGP),
- alt.security.keydist provides "another channel of distribution". Many PGP
- users attempt to distribute their public keys through as many protocols as
- possible. Such users often have their keys available in such diverse
- locations as keyservers (distribution by e-mail and http), in .plan files
- (distribution by finger), on web pages (distribution by http), and in ftp
- archives. alt.security.keydist is another protocol for redundant key
- distribution: distribution by netnews.
-
- (This FAQ's author has, at various times, distributed his key by finger, by
- web, by keyserver, by newsgroup, by Fidonet echomail and by CompuServe file
- library. This FAQ's author is prone to overkill.)
-
- - ------------------------------
-
- Subject: How do I post my key to alt.security.keydist?
-
- Whatever PKE software you're using must be able to extract your public key
- to a '7-bit', 'flat ascii', or 'plaintext' file. (Most PKE programs now
- export keys in text format by default.) Once you've extracted your key,
- just start an article to alt.security.keydist, cut-and-paste the keyfile
- into your article, and post it.
-
- Your subject line should state what software you're posting a key for,
- and the e-mail address the key is for. I also recommend redirecting
- followups to e-mail with a "Followup-To: poster" header, because
- alt.security.keydist really isn't a discussion group.
-
- You should repost your public key whenever it changes (i.e., you change
- your e-mail address, add a certification, or revoke the key). Given the
- ephemeral nature of netnews articles, periodically reposting unchanged keys
- is acceptable. Users who expect to repost keys often should consider
- adding "Expires:" and/or "Supersedes:" headers to their posts. The
- documentation for your newsreading software should explain these headers.
-
- MIME-educated PGP-users (and GPG-users) may want to use "Content-Type:
- application/pgp-keys" for posting public keys. (This will make it easier
- for many PGP users to import your key, but it may prevent Google Groups
- from archiving the post containing the key.) See RFC 3156 at
- http://www.ietf.org/rfc/rfc3156.txt for a description of the PGP media
- types.
-
- By the way, don't clear-sign the message containing your public key! That
- just makes it harder for people to add your key to their keyrings (Think
- about it: How do people verify the signature if they don't yet have the key
- on their keyring?) and does not verify the integrity of your key.
-
- - ------------------------------
-
- Subject: Should I post my key to other newsgroups?
-
- If you mean "Should I post my key to other alt.security.* or
- comp.security.* newsgroups?", the answer is a definite "No". Those groups
- are discussion and/or announcement groups, and public keys don't count,
- unless they're very important keys (such as keys belonging to a timestamp
- server or certficate authority).
-
- There are, however, at least 9 other key-distribution newsgroups located in
- smaller news hierarchies. You might want to crosspost your public keys to
- one of these newsgroups, or monitor them for new keys:
-
- The newsgroup demon.security.keys is part of the internal hierarchy for
- Demon Internet (an internet service provider in the United Kingdom), but
- has much wider distribution. Recommended for PKE-users in the UK.
-
- The newsgroup fidonet.pkey_drop is a (defunct?) gated version of the
- Fidonet backbone echo PKEY_DROP. You cannot post to it from the netnews
- side.
-
- The newsgroups t-netz.pgp.schluessel, z-netz.alt.pgp.schluessel,
- domino.pgp.schluessel, and waros.pgp.schluessel are for distributing PGP
- keys only, and are part of German-language news hierarchies ("schluessel"
- means "keys").
-
- I have no information about the newsgroups city-net.diverses.pgp-keys,
- hothouse.lokal.pgp-keys, and real-net.computer.pgp.public_key, beyond
- what's revealed in the newsgroup names. They are probably all ISP-local
- groups.
-
- - ------------------------------
-
- Subject: Further information about specific PKE software.
-
- GPG is available at http://www.gnupg.org/
-
- PGP is available at http://www.pgp.com/ and http://www.pgpi.org/
-
- Puffer is available from http://www.briggsoft.com/
-
- RIPEM is available at http://www.cpsr.org/cpsr/privacy/crypto/tools/ripem/
-
- InvisiMail and Sifr are apparently no longer available.
- -----BEGIN PGP SIGNATURE-----
- Version: GnuPG v1.2.3 (MingW32) - WinPT 0.7.96rc1
-
- iD8DBQE/7oqqcpuEJT2bpHsRAiQjAJ0fg9YkjoLiT64liC2fLvNdMauoOwCglF/0
- Hu5GRX/eMSeUKzxs17tVV8g=
- =cBTp
- -----END PGP SIGNATURE-----
-
-
-