pgpverify - cryptographically verify Usenet control messages
The pgpverify program reads (on standard input) a Usenet control message that has
been cryptographically signed using the
then uses the
program to determine who signed the control message. If the control
message was validly signed, pgpverify
outputs (to stdout) the User ID of the key ID that signed the message.
The pgpverify program takes no options.
pgpverify returns the following exit statuses for the following cases:
The control message had a good PGP signature.
The control message had no PGP signature.
The control message had an unknown PGP signature.
The control message had a bad PGP signature.
A problem occurred not directly related to PGP analysis of signature.
pgpverify does not modify or otherwise alter the environment before invoking the
PGP program. It is the responsibility of the person who installs pgpverify
to ensure that when the PGP program
runs, it has the ability to locate and read a PGP key file that
contains the PGP public keys for the appropriate Usenet hierarchy
Historically, Usenet news server administrators have configured their
news servers to automatically honor Usenet control messages based on
the originator of the control messages and the hierarchies for which
the control messages applied. For example, in the past, David C
Lawrence <email@example.com> always issued control messages for the
"Big 8" hierarchies (comp, humanities, misc, news, rec, sci, soc,
talk). Usenet news administrators would configure their news server
software to automatically honor newgroup and rmgroup control messages
that originated from David Lawrence and applied to any of the Big 8
Unfortunately, Usenet news articles (including control messages) are
notoriously easy to forge. Soon, malicious users realized they could
create or remove (at least temporarily) any Big 8 newsgroup they
wanted by simply forging an appropriate control message in David
Lawrence's name. As Usenet became more widely used, forgeries became
The pgpverify program was designed to allow Usenet news administrators to configure
their servers to cryptographically verify control messages before
automatically acting on them. Under the pgpverify system, a Usenet
hierarchy maintainer creates a PGP public/private key pair and
disseminates the public key. Whenever the hierarchy maintainer issues
a control message, he uses the
program to sign the control message with the PGP private key. Usenet
news administrators configure their news servers to run the pgpverify
program on the appropriate control messages, and take action based on
the PGP key User ID that signed the control message, not the name and
address that appear in the control message's From or Sender headers.
Thus, using the pgpverify program
appropriately essentially eliminates the possibility of malicious
users forging Usenet control messages that sites will act upon, as
such users would have to obtain the PGP private key in order to forge
a control message that would pass the cryptographic verification step.
If the hierarchy administrators properly protect their PGP private
keys, the only way a malicious user could forge a validly-signed
control message would be by breaking the RSA encryption algorithm,
which (at least at this time) is believed to be an NP-complete
problem. If this is indeed the case, discovering the PGP private key
based on the PGP public key is computationally impossible for PGP keys
of a sufficient bit length.
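
The decision described above (act on the User ID that pgpverify prints, never on the From or Sender headers) can be sketched as follows. This is an added example, not code from pgpverify or its distribution; the policy table, the addresses and the sample message are constructed, and it assumes that exit status 0 is the good-signature case and that the verified signature covers the Control header.

```python
import fnmatch
import subprocess

# Constructed policy: newsgroup pattern -> PGP User ID trusted for it.
POLICY = {
    "example.*": "example-admin@news.example",
    "demo.*": "demo-admin@news.example",
}

# Constructed message whose From header claims to be the example.* maintainer.
SAMPLE = (b"From: example-admin@news.example\n"
          b"Control: newgroup example.test\n"
          b"Subject: cmsg newgroup example.test\n"
          b"\n"
          b"example.test is an unmoderated newsgroup.\n")


def run_pgpverify(message: bytes, path: str = "pgpverify"):
    """Pipe a control message to pgpverify; return (exit status, signer)."""
    proc = subprocess.run([path], input=message, stdout=subprocess.PIPE)
    return proc.returncode, proc.stdout.decode("utf-8", "replace").strip()


def parse_control(message: bytes):
    """Return (command, newsgroup) from the Control header, or None."""
    text = message.replace(b"\r\n", b"\n").decode("utf-8", "replace")
    for line in text.split("\n\n", 1)[0].splitlines():
        name, _, value = line.partition(":")
        parts = value.split()
        if name.lower() == "control" and len(parts) >= 2:
            if parts[0] in ("newgroup", "rmgroup"):
                return parts[0], parts[1]
            return None
    return None


def authorize(message: bytes, status: int, signer: str) -> bool:
    """Honor only well-signed messages whose signer owns the hierarchy."""
    parsed = parse_control(message)
    # Assumption: exit status 0 is the "good PGP signature" case.
    if status != 0 or not signer or parsed is None:
        return False
    # From and Sender are never consulted: only the verified User ID counts.
    return any(fnmatch.fnmatchcase(parsed[1], pattern) and signer == uid
               for pattern, uid in POLICY.items())
```

A validly signed message is still refused when its signer is not the User ID configured for the affected hierarchy, so a key trusted for one hierarchy cannot be used to create or remove groups in another.
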
<URL:ftp://ftp.isc.org/pub/pgpcontrol/> is where the most recent
live, along with PGP public keys used for hierarchy administration.