Date: Fri Mar 21 23:16:48 GMT 1997 The modifications contained in the file pgpcontrol.patch may be applied to the specified files in the Cleanup Release of CNEWS (patch level G) so as to enable the checking of the PGP signatures which are now applied to control messages in many hierarchies. See ftp://ftp.uu.net/networking/news/misc/pgpcontrol/README[.html] You will also require the Perl script pgpverify, obtainable from ftp://ftp.uu.net/networking/news/misc/pgpcontrol/pgpverify which should be placed in your $NEWSBIN directory. In addition to the patch, you will need the following lines in your $NEWSCONFIG file. PGPPATH=${PGPPATH-$HOME/.pgp} where $HOME/.pgp is the directory where your public keyring will be found. This patch is an enhancement of one originally provided by an unknown System Administrator at . There are some enhancements needed to the file $NEWSCTL/controlperm. Specifically, a 'c' is now required in the operations column before a checkgroups message will be applied to the specified hierarchy by the specified author; and a 'p' flag may be used (in lieu of the present 'y' or 'n') to indicate that PGP-verification is required. Any such flag should be followed by the ID of the entity that should PGP-sign for that hierarchy (if this is absent, any public key recognised on your keyring will be accepted). See the file controlperm.eg for some examples. An X-PGP-Sig: header in a control message is always checked (whether the 'p' flag was given or not) and rejected noisily if it fails (but mere absence of the signer from you keyring is acceptable without a 'p' flag). Success of PGP-verification is always reported to you for "useful" messages (i.e. not those merely recreating an existing group). Thus, for example, if you have the 'n' flag set for rmgroup messages you will be told whether the PGP-verification succeeded, which may help you to decide whether to remove it by hand. The checkgroups command now has a -f flag to force it to be accepted even if it would otherwise be rejected (because the flag was 'n', for example). This corresponds to the use of the addgroup and delgroup commands currently used to force through a rejected newgroup of rmgroup message. These patches are brought to you, without warranty, by Charles H. Lindsey ---------At Home, doing my own thing------------------------- Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5