logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

pgpverify - cryptographically verify Usenet control messages

Contents

Author

       David C Lawrence <tale@isc.org>

Description

       The  pgpverify program reads (on standard input) a Usenet control message that has been cryptographically
       signed using the signcontrol program.  pgpverify then uses the pgp program to determine  who  signed  the
       control message.  If the control message was validly signed, pgpverify outputs (to stdout) the User ID of
       the key ID that signed the message.

Environment

pgpverify  does not modify or otherwise alter the environment before invoking the pgp program.  It is the
       responsibility of the person who installs pgpverify to ensure that when pgp runs, it has the  ability  to
       locate  and  read  a  PGP key file that contains the PGP public keys for the appropriate Usenet hierarchy
       administrators.

Exit Status

pgpverify returns the follow exit statuses for the following cases:

       0      The control message had a good PGP signature.

       1      The control message had no PGP signature.

       2      The control message had an unknown PGP signature.

       3      The control message had a bad PGP signature.

       255    A problem occurred not directly related to PGP analysis of signature.

Name

       pgpverify - cryptographically verify Usenet control messages

Notes

       Historically, Usenet news server administrators have configured their news servers to automatically honor
       Usenet control messages based on the originator of the control messages and the hierarchies for which the
       control messages applied.  For example, in the past, David C Lawrence <tale@uunet.uu.net>  always  issued
       control messages for the "Big 8" hierarchies (comp, humanities, misc, news, rec, sci, soc, talk).  Usenet
       news  administrators  would  configure  their  news  server  software to automatically honor newgroup and
       rmgroup control messages that originated from David Lawrence and applied to any of the Big 8 hierarchies.

       Unfortunately, Usenet news articles (including control messages) are notoriously easy  to  forge.   Soon,
       malicious  users  realized  they  could  create or remove (at least temporarily) any Big 8 newsgroup they
       wanted by simply forging an appropriate control message in David Lawrence's name.  As Usenet became  more
       widely used, forgeries became more common.

       The  pgpverify  program  was  designed  to allow Usenet news administrators to configure their servers to
       cryptographically verify control messages before automatically  acting  on  them.   Under  the  pgpverify
       system,  a  Usenet hierarchy maintainer creates a PGP public/private key pair and disseminates the public
       key.  Whenever the hierarchy maintainer issues a control message, he uses the signcontrol program to sign
       the control message with the PGP private key.  Usenet news administrators configure their news servers to
       run the pgpverify program on the appropriate control messages, and take action based on the PGP key  User
       ID that signed the control message, not the name and address that appear in the control message's From or
       Sender headers.

       Thus,  using  the signcontrol and pgpverifyprograms appropriately essentially eliminates the possibility
       of malicious users forging Usenet control messages that sites will act upon, as such users would have  to
       obtain  the  PGP  private  key  in  order  to  forge  a control message that would pass the cryptographic
       verification step.  If the hierarchy administrators properly protect their PGP private keys, the only way
       a malicious user could forge a validly-signed control message would be by  breaking  the  RSA  encryption
       algorithm, which (at least at this time) is believed to be an NP-complete problem.  If this is indeed the
       case,  discovering  the PGP private key based on the PGP public key is computationally impossible for PGP
       keys of a sufficient bit length.

       <URL:ftp://ftp.isc.org/pub/pgpcontrol/> is where the most recent versions of  signcontrol  and  pgpverify
       live, along with PGP public keys used for hierarchy administration.

                                                                                                    pgpverify(8)

Options

       The pgpverify program takes no options.

See Also

pgp(1)

Synopsis

pgpverify

See Also

Controller
Controller PNG Icons
Message
Message PNG Icons
Man Pages
archive Man Pages
Man Pages
pgpverify Man Pages
Messages
Messages PNG Icons
News
News PNG Icons
Man Pages
Program Man Pages
TLDR
Create signed link - in-toto-record Tldr
Man Pages
UserList Man Pages
← View System admin Category← Back to Miscellaneous diversions🙏  Credits & Acknowledgments