Yo! Martin:
Sunday August 18 1996 13:29, Martin Niemeyer wrote to Bill Cheek:
 MN> what's to prove the real BUD would always use a public key
Right now?  Nothing.  The future has a way of changing things, though.
 MN> Couldn't someone do this anyway, whether the real BUD used a public
 MN> key or not?
Not if everyone digitally signed their messages.
 MN> A person wanting to stir up a lot of crap, could establish a
 MN> legitimate address, and kiss up to the moderator big time, just to
 MN> make sure the moderator knew he was one of the good guys, and make
 MN> sure he always used a public key from that address, then log on bbs's
 MN> at other locations and post messages slinging a lot of crap, and
 MN> claim complete innocence while basking in the attention that is
 MN> flowing around him.
Well, I think you're coming from the "other" direction that I had not 
intended to weave into this issue.  I suppose digital signatures COULD be 
used as a management or moderator tool, but frankly, I was coming from the 
direction of the user who wants to associate his real identity with his 
personal traffic.
Fer instance, there could be three "John Smith's" on here at any one time.  
Or more.  Digital sigs would protect each, you see.....even if they posted 
from the same board.
 MN> The other side of the coin, is what would it do to the band width of
 MN> the FidoNet backbone if everyone, used a public key? It would get so
 MN> big that it would be ridiculous.
Oh gosh no.  A digital sig is only a small part of the message anyway.  And 
secondly, when the BBS send the mail upward through the hierarchy, it's all 
compressed to a fraction of its size.  Bandwidth and costs of moving mail 
simply are not issues in the modern Fido.  They used to be issues in the era 
of 300-1200 baud modems and no compression.  But with 28.8-kbps and 9:1 
compression technology, we can move 240 times the volume of mail at a 
fraction of the cost.
More and more Fido nodes are getting their mail via satellite or FTP at a 
flat rate cost, regardless of volume.  My cost was $2.37 for three months of 
a huge volume of mail.  I am not about to quibble over a penny or two that it 
might cost to add digital sigatures to our mail.
Furthermore, even if allowed, I do not forsee REQUIRING digital sigs anywhere 
in the forseeable future (1-3 years).  It would be an optional thing.
But until I decide, I want to hear SOLID arguments for or against the 
oncept.
Bandwidth and cost are not solid arguments; rather, they are considerations 
at best, and no issue at all, for the most part.
Right off, we allow three lines for signature, including tag line, if 
desired. What I want to know are the solid objections AGAINST the idea if 
someone wanted to replace that sort of signature with a secure digital one.  
What skin is it off anyone's nose?
Meat 'n taters is what I want to hear.  Gimme something to gnaw on.
Bill Cheek | Internet: bcheek@cts.com | Compu$erve: 74107,1176
Windows 95 Juggernaut Team | Microsoft MVP | Moderator - SCANRADIO
--- Hertzian Mail+
---------------