Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   31559 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

pgpverify(8)					     pgpverify(8)

NAME
       pgpverify  -  cryptographically verify Usenet control mes
       sages

SYNOPSIS
       pgpverify [ -test ]

DESCRIPTION
       The pgpverify program reads (on standard input)	a  Usenet
       control	message	 that  has  been cryptographically signed
       using the signcontrol program.  pgpverify  then	uses  the
       pgp  program  to determine who signed the control message.
       If the control message was validly signed, pgpverify  out
       puts (to stdout) the User ID of the key ID that signed the
       message.

OPTIONS
       The ``-test'' flag causes pgpverify to print out the input
       it  is passing to pgp (which is a reconstructed version of
       the input that supposedly created the control message)  as
       well as the output of pgp's analysis of the message.

EXIT STATUS
       pgpverify returns the follow exit statuses for the follow
       ing cases:

       0      The control message had a good PGP signature.

       1      The control message had no PGP signature.

       2      The control message had an unknown PGP signature.

       3      The control message had a bad PGP signature.

       255    A problem occurred  not  directly	 related  to  PGP
	      analysis of signature.

AUTHOR
       David C Lawrence <tale@isc.org>

ENVIRONMENT
       pgpverify  does not modify or otherwise alter the environ
       ment before invoking the pgp program.  It is the responsi
       bility of the person who installs pgpverify to ensure that
       when pgp runs, it has the ability to locate and read a PGP
       key  file that contains the PGP public keys for the appro
       priate Usenet hierarchy administrators.

SEE ALSO
       pgp(1)

NOTES
       Historically, Usenet news server administrators have  con
       figured	their  news servers to automatically honor Usenet
       control messages based on the originator	 of  the  control
       messages	 and  the  hierarchies for which the control mes
       sages applied.  For example, in the past, David C Lawrence
       <tale@uunet.uu.net> always issued control messages for the
       "Big 8" hierarchies (comp, humanities,  misc,  news,  rec,
       sci, soc, talk).	 Usenet news administrators would config
       ure their news  server  software	 to  automatically  honor
       newgroup and rmgroup control messages that originated from
       David Lawrence and applied to any of  the  Big  8  hierar
       chies.

       Unfortunately,  Usenet  news  articles  (including control
       messages) are notoriously easy to forge.	 Soon,	malicious
       users  realized they could create or remove (at least tem
       porarily) any Big 8 newsgroup they wanted by simply  forg
       ing  an	appropriate  control  message in David Lawrence's
       name.  As Usenet became more widely used, forgeries became
       more common.

       The  pgpverify  program	was designed to allow Usenet news
       administrators to configure their servers to cryptographi
       cally  verify control messages before automatically acting
       on them.	 Under the pgpverify system, a	Usenet	hierarchy
       maintainer  creates a PGP public/private key pair and dis
       seminates the public key.  Whenever  the	 hierarchy  main
       tainer  issues  a control message, he uses the signcontrol
       program to sign the control message with the  PGP  private
       key.   Usenet  news  administrators  configure  their news
       servers to run the pgpverify program  on	 the  appropriate
       control	messages,  and	take  action based on the PGP key
       User ID that signed the control message, not the name  and
       address	that  appear  in  the  control	message's From or
       Sender headers.

       Thus, using the signcontrol and pgpverify programs  appro
       priately	 essentially  eliminates the possibility of mali
       cious users forging Usenet  control  messages  that  sites
       will  act upon, as such users would have to obtain the PGP
       private key in order to forge a control message that would
       pass  the cryptographic verification step.  If the hierar
       chy administrators  properly  protect  their  PGP  private
       keys, the only way a malicious user could forge a validly-
       signed control  message	would  be  by  breaking	 the  RSA
       encryption  algorithm,  which  (at  least at this time) is
       believed to be an NP-complete problem.  If this is  indeed
       the case, discovering the PGP private key based on the PGP
       public key is computationally impossible for PGP keys of a
       sufficient bit length.

       <URL:ftp://ftp.isc.org/pub/pgpcontrol/>	is where the most
       recent versions of signcontrol and pgpverify  live,  along
       with PGP public keys used for hierarchy administration.

						     pgpverify(8)

Vote for polarhome