* Thoughts on Message-ID generation
From: Toby Speight @ 2001-02-28 16:05 UTC
0 siblings, 1 reply; 32+ messages in thread

With all this talk on how to generate message-ID values and ensure their uniqueness, it's long been my opinion that the Right Way to do this is to have a well-known MessageId service. Connect to the assigned port on any server (perhaps even localhost), tell it how many ids you want, read them in, and go away until you've used them all.

Then it's the job of the issuing service to generate a unique localpart for each id and a conformant rhs; uniqueness can be ensured even amongst different clients (once all the ones in use support the issuance protocol), one server can issue ids for an entire domain, and offline working (and private networks) are supported.
* Re: Thoughts on Message-ID generation
From: Florian Weimer @ 2001-02-28 16:31 UTC

Toby Speight <streapadair@gmx.net> writes:

> With all this talk on how to generate message-ID values and ensure
> their uniqueness, it's long been my opinion that the Right Way to do
> this is to have a well-known MessageId service. Connect to the
> assigned port on any server (perhaps even localhost), tell it how
> many ids you want, read them in, and go away until you've used them
> all.

There's already such a service built into recent versions of INN:

| 200 cert.uni-stuttgart.de InterNetNews NNRP server INN 2.3.0 ready (posting ok).
| post
| 340 Ok, recommended ID <97j88b$o6$1@hornet.rus.uni-stuttgart.de>

For mail, there never was a uniqueness constraint on message IDs.
* Re: Thoughts on Message-ID generation
From: Paul Jarc @ 2001-02-28 16:38 UTC

Florian Weimer <fw@deneb.enyo.de> writes:
> For mail, there never was a uniqueness constraint on message IDs.

I'm not sure what you mean, but RFC822 4.6.1 says "The uniqueness of the message identifier is guaranteed by the host which generates it."

paul
* Re: Thoughts on Message-ID generation
From: Florian Weimer @ 2001-03-01 21:39 UTC

prj@po.cwru.edu (Paul Jarc) writes:

> Florian Weimer <fw@deneb.enyo.de> writes:
> > For mail, there never was a uniqueness constraint on message IDs.
>
> I'm not sure what you mean, but RFC822 4.6.1 says "The uniqueness of
> the message identifier is guaranteed by the host which generates it."

Hardly anybody relies on the uniqueness of message IDs. Messages without IDs are even transported by most MTAs.
* Re: Thoughts on Message-ID generation
From: Paul Jarc @ 2001-03-01 22:46 UTC

Florian Weimer <fw@deneb.enyo.de> writes:
> Hardly anybody relies on the uniqueness of message IDs. Messages
> without IDs are even transported by most MTAs.

All threading, if nothing else, depends on the uniqueness of Message-IDs. Transports don't do threading, but so what?

paul
* Re: Thoughts on Message-ID generation
From: Florian Weimer @ 2001-03-02 10:34 UTC

prj@po.cwru.edu (Paul Jarc) writes:

> Florian Weimer <fw@deneb.enyo.de> writes:
> > Hardly anybody relies on the uniqueness of message IDs. Messages
> > without IDs are even transported by most MTAs.
>
> All threading, if nothing else, depends on the uniqueness of
> Message-IDs. Transports don't do threading, but so what?

Face it, there are lots of mail clients which do not support threading, especially groupware solutions.
* Re: Thoughts on Message-ID generation
From: Paul Jarc @ 2001-03-02 15:03 UTC

Florian Weimer <fw@deneb.enyo.de> writes:
> prj@po.cwru.edu (Paul Jarc) writes:
> > Florian Weimer <fw@deneb.enyo.de> writes:
> > > Hardly anybody relies on the uniqueness of message IDs. Messages
> > > without IDs are even transported by most MTAs.
> >
> > All threading, if nothing else, depends on the uniqueness of
> > Message-IDs. Transports don't do threading, but so what?
>
> Face it, there are lots of mail clients which do not support
> threading, especially groupware solutions.

So? The existence of those that don't use Message-ID says nothing about those that do.

paul
* Re: Thoughts on Message-ID generation
From: Per Abrahamsen @ 2001-03-03 10:45 UTC

Florian Weimer <fw@deneb.enyo.de> writes:

> prj@po.cwru.edu (Paul Jarc) writes:
>
> > Florian Weimer <fw@deneb.enyo.de> writes:
> > > For mail, there never was a uniqueness constraint on message IDs.
> >
> > I'm not sure what you mean, but RFC822 4.6.1 says "The uniqueness of
> > the message identifier is guaranteed by the host which generates it."
>
> Hardly anybody relies on the uniqueness of message IDs.

How is that relevant?

I do, anyway, since I use the message-id for sorting away duplicates. Someone else mentioned threading, and mail-to-news gateways also rely on the uniqueness of the mail message-id.

> Messages without IDs are even transported by most MTAs.

I believe sendmail adds one if it is missing.
* Re: Thoughts on Message-ID generation
From: Florian Weimer @ 2001-03-11 14:20 UTC

Per Abrahamsen <abraham@dina.kvl.dk> writes:

> I do, anyway, since I use the message-id for sorting away duplicates.
> Someone else mentioned threading, and mail-to-news gateways also rely
> on the uniqueness of the mail message-id.

But message IDs are *not unique* for mail messages. As soon as you crosspost a message to two mailing lists, there are at least two copies of the same message being distributed with different headers.
* Re: Thoughts on Message-ID generation
From: Kai Großjohann @ 2001-03-11 15:09 UTC
Cc: ding

On 11 Mar 2001, Florian Weimer wrote:

> But message IDs are *not unique* for mail messages. As soon as you
> crosspost a message to two mailing lists, there are at least two
> copies of the same message being distributed with different headers.

Then every news message violates the uniqueness constraint, too. Every news server which sees the message frobs the Path header.

And if you send a mail message to two people, the Received headers will be different.

Clearly, the Path and Received headers should not be considered important when comparing two messages.

kai
--
Be indiscrete. Do it continuously.
* Re: Thoughts on Message-ID generation
From: Per Abrahamsen @ 2001-03-11 15:10 UTC

Florian Weimer <fw@deneb.enyo.de> writes:

> Per Abrahamsen <abraham@dina.kvl.dk> writes:
>
> > I do, anyway, since I use the message-id for sorting away duplicates.
> > Someone else mentioned threading, and mail-to-news gateways also rely
> > on the uniqueness of the mail message-id.
>
> But message IDs are *not unique* for mail messages. As soon as you
> crosspost a message to two mailing lists, there are at least two
> copies of the same message being distributed with different headers.

That's just semantics on when a copy of a message is still "the same" message as the original. If we count changes in headers, the receiver will never get "the same" message as the sender sent, because of the "Received:" header. The exact same happens with news, the message you post to a server will never be "the same" you read on the server, because the server changes the "Path:" header.

I believe a definition of sameness that would make two copies of a message sent to two mailing lists not "the same message" would be both counter-intuitive and useless. In general, the automatic changes made at the transport layer (this includes mailing list software) do not make the copy a new message.

A formal definition would probably say that the (mail or news) injection agent should add a new unique message-id if not already present, and no other automatic agents may change the message-id. This will give us a message-id that is the same for most messages that are intuitively the same, and useful for software purposes.

The intuition will break if the user manually adds the same message-id to messages that are intuitively different. In this case we can from a software and standard point of view assume the user knows what he does (i.e. the two messages _should_ be treated like duplicates), and if not, that it is his own fault.
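Added example (not part of any message in this thread): one way to apply the comparison rule argued for by Kai Großjohann and Per Abrahamsen above, in Python. It drops copies that differ only in transport headers and reports any Message-ID that arrives with different content; the header set beyond Received and Path, the sample messages and all function names are constructed for the illustration.

```python
import hashlib
from email import message_from_bytes

# Headers rewritten in transit. Received and Path are the two named in the
# thread; the rest are an assumption about what MTAs and news servers add.
TRANSPORT_HEADERS = {"received", "path", "return-path", "delivered-to", "xref"}


def fingerprint(raw):
    """Return (message_id, digest); the digest ignores transport headers."""
    msg = message_from_bytes(raw)
    h = hashlib.sha256()
    for name, value in msg.items():
        if name.lower() in TRANSPORT_HEADERS:
            continue
        # Collapse folding whitespace so a re-wrapped header compares equal.
        line = "%s:%s\n" % (name.lower(), " ".join(str(value).split()))
        h.update(line.encode("utf-8", "replace"))
    # Body is taken from the raw bytes so multipart messages are covered too.
    _, _, body = raw.replace(b"\r\n", b"\n").partition(b"\n\n")
    h.update(b"\n" + body.rstrip())
    return (msg.get("Message-ID") or "").strip(), h.hexdigest()


def dedupe(raw_messages):
    """Return (kept, dropped, conflicts).

    kept      -- messages in arrival order with transport-only copies removed
    dropped   -- number of copies removed
    conflicts -- Message-IDs seen with more than one distinct content digest
    """
    kept, dropped, conflicts = [], 0, []
    seen = {}  # key -> set of content digests already stored under that key
    for raw in raw_messages:
        msgid, digest = fingerprint(raw)
        # Messages without an ID still travel, so fall back to the digest.
        key = msgid or "no-id:" + digest
        digests = seen.setdefault(key, set())
        if digest in digests:
            dropped += 1
            continue
        if digests and msgid not in conflicts:
            # Same ID, different content: keep both and flag it instead of
            # silently discarding the later message.
            conflicts.append(msgid)
        digests.add(digest)
        kept.append(raw)
    return kept, dropped, conflicts


def build_sample(received, msgid, body):
    """Build one constructed RFC 822 style message as bytes."""
    lines = ["Received: " + received,
             "From: alice@example.org",
             "Subject: crosspost"]
    if msgid:
        lines.append("Message-ID: " + msgid)
    return ("\r\n".join(lines) + "\r\n\r\n" + body + "\r\n").encode("ascii")


# Constructed sample input: one message crossposted to two lists, one message
# reusing its ID with a different body, and one message with no ID at all.
SAMPLES = [
    build_sample("from list-a.example.org by mx.example.net",
                 "<a1@msgid.example.org>", "hello both lists"),
    build_sample("from list-b.example.org by mx.example.net",
                 "<a1@msgid.example.org>", "hello both lists"),
    build_sample("from relay.example.org by mx.example.net",
                 "<a1@msgid.example.org>", "something else entirely"),
    build_sample("from relay.example.org by mx.example.net",
                 None, "no identifier on this one"),
]

if __name__ == "__main__":
    kept, dropped, conflicts = dedupe(SAMPLES)
    print(len(kept), "kept,", dropped, "dropped, conflicting IDs:", conflicts)
```

Copies whose Subject or body a mailing list has rewritten produce a different digest and are reported as conflicts rather than dropped.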
* Re: Thoughts on Message-ID generation
From: Toby Speight @ 2001-02-28 18:35 UTC

0> In article <87n1b6rcq9.fsf@deneb.enyo.de>,
0> Florian Weimer <URL:mailto:fw@deneb.enyo.de> ("Florian") wrote:

Florian> Toby Speight <streapadair@gmx.net> writes:
>> With all this talk on how to generate message-ID values and ensure
>> their uniqueness, it's long been my opinion that the Right Way to do
>> this is to have a well-known MessageId service. Connect to the
>> assigned port on any server (perhaps even localhost), tell it how
>> many ids you want, read them in, and go away until you've used them
>> all.

Florian> There's already such a service built into recent versions of INN:
Florian>
Florian> | 200 cert.uni-stuttgart.de InterNetNews NNRP server INN 2.3.0 ready (posting ok).
Florian> | post
Florian> | 340 Ok, recommended ID <97j88b$o6$1@hornet.rus.uni-stuttgart.de>

Has anyone written code to enable Gnus to take advantage of this?
* Re: Thoughts on Message-ID generation
From: Kai Großjohann @ 2001-02-28 20:09 UTC
Cc: ding

On 28 Feb 2001, Florian Weimer wrote:

> There's already such a service built into recent versions of INN:
>
> | 200 cert.uni-stuttgart.de InterNetNews NNRP server INN 2.3.0 ready
> | (posting ok). post 340 Ok, recommended ID
> | <97j88b$o6$1@hornet.rus.uni-stuttgart.de>
>
> For mail, there never was a uniqueness constraint on message IDs.

The problem is that Gnus needs to know the msg id before sending, so that the mail and news and Gcc copies can all have the same msg id. Hm.

Of course, if posting and mailing, it could try to post, first. Hm.

kai
--
Be indiscrete. Do it continuously.
* Re: Thoughts on Message-ID generation
From: Russ Allbery @ 2001-03-01 3:12 UTC

Kai Großjohann <Kai.Grossjohann@CS.Uni-Dortmund.DE> writes:

> The problem is that Gnus needs to know the msg id before sending, so
> that the mail and news and Gcc copies can all have the same msg id.
> Hm.
> Of course, if posting and mailing, it could try to post, first. Hm.

It would be downright trivial to add a command to return a message ID to the NNTP protocol, although of course that wouldn't help with existing servers until they upgraded and it should really go through the I-D process at some point and become a real RFC so that it doesn't get lost in the mess of other such extensions.

--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
* Re: Thoughts on Message-ID generation
From: Chris Shenton @ 2001-03-01 14:24 UTC
Cc: ding

On 28 Feb 2001 17:31:10 +0100, Florian Weimer <fw@deneb.enyo.de> said:

Florian> Toby Speight <streapadair@gmx.net> writes:
>> With all this talk on how to generate message-ID values and ensure
>> their uniqueness, it's long been my opinion that the Right Way to
>> do this is to have a well-known MessageId service. Connect to the
>> assigned port on any server (perhaps even localhost), tell it how
>> many ids you want, read them in, and go away until you've used them
>> all.

Florian> There's already such a service built into recent versions of
Florian> INN:

Florian> | 200 cert.uni-stuttgart.de InterNetNews NNRP server INN
Florian> 2.3.0 ready (posting ok). | post | 340 Ok, recommended ID
Florian> <97j88b$o6$1@hornet.rus.uni-stuttgart.de>

I'd really like the messageId to NOT contain my host, domain, or other identifying information. The layout of my LAN systems should be private, and I don't want spammers harvesting this info.

Any reason it can't be related to a crypto-generated blob based on maybe UNIX time + hash of machine name + PID + ... ?

Yours in paranoia...
* Re: Thoughts on Message-ID generation
From: Florian Weimer @ 2001-03-01 14:51 UTC
Cc: ding

Chris Shenton <cshenton@OutBounderInc.com> writes:

> I'd really like the messageId to NOT contain my host, domain, or other
> identifying information. The layout of my LAN systems should be
> private, and I don't want spammers harvesting this info.

Spammers aren't interested in your network structure. In addition, other headers leak much, much more information.

> Any reason it can't be related to a crypto-generated blob based on
> maybe UNIX time + hash of machine name + PID + ... ?

Paranoia? This isn't much entropy...

> Yours in paranoia...

;-)
* Re: Thoughts on Message-ID generation
From: Harry Putnam @ 2001-03-01 22:52 UTC

Florian Weimer <fw@deneb.enyo.de> writes:

> Spammers aren't interested in your network structure. In addition,
> other headers leak much, much more information.

What headers leak information about the internal network when you go thru an IPmasquerade box?
* Re: Thoughts on Message-ID generation
From: Florian Weimer @ 2001-03-02 10:35 UTC

Harry Putnam <reader@newsguy.com> writes:

> Florian Weimer <fw@deneb.enyo.de> writes:
>
> > Spammers aren't interested in your network structure. In addition,
> > other headers leak much, much more information.
>
> What headers leak information about the internal network when you go
> thru an IPmasquerade box?

It depends on the structure of the network. I do use IP masquerading, but my email headers contain a wealth of information about my network.
* Re: Thoughts on Message-ID generation
From: Kai Großjohann @ 2001-03-01 15:17 UTC
Cc: Florian Weimer, ding

On 01 Mar 2001, Chris Shenton wrote:

> I'd really like the messageId to NOT contain my host, domain, or
> other identifying information. The layout of my LAN systems should
> be private, and I don't want spammers harvesting this info.

The msgid does not need to be the DNS FQDN of your host. If the host master of the frob.org domain tells you that you can use the right hand side `chris.msgid.frob.org' for your messages, and that uniquely identifies your host, then you can do that.

Since you have your own domain, you appear to be your own host master, so I'm sure you can find a rhs that you can use.

If you give every user their own rhs, you can completely hide the network structure. And you can have your MTA bounce or drop mails sent to such hosts.

kai
--
Be indiscrete. Do it continuously.
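Added example (not part of any message in this thread): a Python illustration of the exchange above. It puts a number on Florian Weimer's "this isn't much entropy" remark about time + machine name + PID, generates an ID from an assigned right-hand side as Kai Großjohann suggests, and audits an ID for internal host names. The function names, the 128-bit random localpart, the one-day window, the 1000-name candidate count and the PID range are assumptions chosen for the illustration.

```python
import base64
import math
import re
import secrets

# Host-style right-hand side: at least two labels of letters, digits, hyphens.
RHS_RE = re.compile(r"^(?!-)[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")
MSGID_RE = re.compile(r"^<([^@<>\s]+)@([^@<>\s]+)>$")


def guessable_bits(window_seconds, hostname_candidates, pid_max=32768):
    """Upper bound, in bits, on the input space of hash(time + host + PID).

    Hashing does not add entropy: an ID derived only from these inputs can be
    no less predictable than the inputs themselves. All three sizes are
    assumptions supplied by the caller.
    """
    return math.log2(window_seconds * hostname_candidates * pid_max)


def make_message_id(rhs):
    """Return '<localpart@rhs>' with a 128-bit CSPRNG localpart.

    rhs is an administratively assigned right-hand side such as the thread's
    `chris.msgid.frob.org'. No host name, PID or clock value is used, so the
    ID reveals nothing about the sending machine.
    """
    if not RHS_RE.match(rhs):
        raise ValueError("rhs must be a dotted host-style name: %r" % rhs)
    local = base64.b32encode(secrets.token_bytes(16)).decode("ascii")
    # Base32 letters and digits are all legal in a msg-id localpart.
    return "<%s@%s>" % (local.rstrip("=").lower(), rhs)


def audit_message_id(msgid, internal_names):
    """Return the names from internal_names that are visible in msgid.

    A name counts as visible when every one of its dot-separated labels
    appears as a token of the ID (label order is not checked).
    """
    m = MSGID_RE.match(msgid.strip())
    if not m:
        raise ValueError("not a msg-id: %r" % msgid)
    joined = (m.group(1) + "." + m.group(2)).lower()
    tokens = set(re.split(r"[^a-z0-9-]+", joined))
    leaked = []
    for name in internal_names:
        if all(label in tokens for label in name.lower().split(".")):
            leaked.append(name)
    return leaked


if __name__ == "__main__":
    # One day of seconds, 1000 plausible host names, 15-bit PIDs.
    print("hash(time+host+pid): at most %.1f bits" % guessable_bits(86400, 1000))
    print("random localpart:    128 bits")
    print(make_message_id("chris.msgid.frob.org"))
    # The ID from the INN transcript quoted earlier in the thread.
    inn_id = "<97j88b$o6$1@hornet.rus.uni-stuttgart.de>"
    print(audit_message_id(inn_id, ["hornet", "mailhub"]))
```

The random localpart gives uniqueness only with overwhelming probability, which is the same kind of guarantee the time-and-hash schemes in this thread offer.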
* Re: Thoughts on Message-ID generation
From: David A. Cobb @ 2001-03-01 22:05 UTC
Cc: Chris Shenton, Florian Weimer, ding

Taking a clue from a different source, I believe the OMG - CORBA folk have a scheme for generating unique ID's that folds your 60-bit NIC number (which the mfgr's guarantee to be unique), the current UTC, and maybe something else just for fun.

Now, a mail-message is clearly an <<object>>! So, given about a 128-bit number generated by such an algorithm and encoding it Mod64 generates a string that isn't so long it's impossible and enough numbers to last for a little while.

For security purposes, one might want a number including your NIC# run through some sort of one-way hash, but that might destroy the uniqueness property. Some network guru, chime in here please with what damage - if any - a bad guy could do if he knew my NIC#. CORBA must have dealt with the same security issues.

A "nice" feature might be putting the UTC in the most-significant position so that messages in message-id sequence are more or less chronological. The downside is that PC clocks, especially, are sometimes pure fiction. I have mail in my inbox now that has not been written yet for months, if the originator's time stamp were to be believed.

I send my mail via an SMTP server at my ISP. The ISP responds by telling me the ID she has assigned to it. I have no clue what her scheme is.

Kai Großjohann wrote:

> On 01 Mar 2001, Chris Shenton wrote:
>
> > I'd really like the messageId to NOT contain my host, domain, or
> > other identifying information. The layout of my LAN systems should
> > be private, and I don't want spammers harvesting this info.
>
> The msgid does not need to be the DNS FQDN of your host. If the host
> master of the frob.org domain tells you that you can use the right
> hand side `chris.msgid.frob.org' for your messages, and that uniquely
> identifies your host, then you can do that.
>
> Since you have your own domain, you appear to be your own host master,
> so I'm sure you can find a rhs that you can use.
>
> If you give every user their own rhs, you can completely hide the
> network structure. And you can have your MTA bounce or drop mails
> sent to such hosts.
>
> kai
> --
> Be indiscrete. Do it continuously.

--
David A. Cobb, The Superbiskit ! Software Engineer, Public Access Advocate, All around nice guy.
Get my PGP key at :<http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=superbiskit>
Fingerprint=0x{6E3E DB8C 2E8C 4248 62B2 FE29 08EE CF0A 3629 E954}
"By God's Grace I am a Christian man, by my actions a great sinner."
--The Way of a Pilgrim, R. M. French [tr.]
<---.----!----.----!----.----!----.----!----.----!----.----!----.---->
* Re: Thoughts on Message-ID generation
From: Stainless Steel Rat @ 2001-03-01 22:38 UTC

* "David A. Cobb" <superbiskit@home.com> on Thu, 01 Mar 2001
| Taking a clue from a different source, I believe the OMG - CORBA folk
| have a scheme for generating unique ID's that folds your 60-bit NIC
| number (which the mfgr's guarantee to be unique), the current UTC, and
| maybe something else just for fun.

Not so useful for non-Ethernet media. Token Ring NICs use between 32 and 48 bits for MAC addresses. SLIP, PPP and PLIP have no MAC addresses to speak of, so this idea totally fails for them. I don't know what fibre channel uses off-hand. And there is the problem that modulo "something else just for fun" a multi-processor, single NIC machine is capable of generating two or more identical IDs. Besides, there is functionally no difference between using system-name and the MAC address.

| Now, a mail-message is clearly an <<object>>!

... you say that like it's a good thing.

| So, given about a 128-bit number generated by such an algorithm and
| encoding it Mod64 generates a string that isn't so long it's impossible
| and enough numbers to last for a little while.

And how do you propose to generate those 128-bit numbers and guarantee their uniqueness, when you can't even guarantee that you can generate those numbers?

| For security purposes, one might want a number including your NIC#

Assuming you have one.

| run through some sort of one-way hash, but that might destroy the
| uniqueness property.

Except that good hash algorithms don't do that.

| Some network guru, chime in here please with what damage - if any - a bad
| guy could do if he knew my NIC#. CORBA must have dealt with the same
| security issues.

Lessee... he could steal *all* of your network traffic if he is on the same physical segment.

--
Rat <ratinox@peorth.gweep.net>    \ Happy Fun Ball may stick to certain types
Minion of Nathan - Nathan says Hi! \ of skin.
PGP Key: at a key server near you!  \
* Re: Thoughts on Message-ID generation
From: David A. Cobb @ 2001-03-01 22:55 UTC
Cc: (ding)

Stainless Steel Rat wrote:

> * "David A. Cobb" <superbiskit@home.com> on Thu, 01 Mar 2001
> | Taking a clue from a different source, I believe the OMG - CORBA folk
> | have a scheme for generating unique ID's that folds your 60-bit NIC
> | number (which the mfgr's guarantee to be unique), the current UTC, and
> | maybe something else just for fun.
>
> Not so useful for non-Ethernet media. Token Ring NICs use between 32 and
> 48 bits for MAC addresses. SLIP, PPP and PLIP have no MAC addresses to
> speak of, so this idea totally fails for them. I don't know what fibre
> channel uses off-hand. And there is the problem that modulo "something
> else just for fun" a multi-processor, single NIC machine is capable of
> generating two or more identical IDs. Besides, there is functionally no
> difference between using system-name and the MAC address.
>
> | Now, a mail-message is clearly an <<object>>!
>
> ... you say that like it's a good thing.

I'm not sure! It's about like saying every boson in the universe is an object. So what! How many bits do we need to count all of them?

>
>
> | So, given about a 128-bit number generated by such an algorithm and
> | encoding it Mod64 generates a string that isn't so long it's impossible
> | and enough numbers to last for a little while.
>
> And how do you propose to generate those 128-bit numbers and guarantee
> their uniqueness, when you can't even guarantee that you can generate those
> numbers?

Once we agree on how do I uniquely identify ME, this reduces to my being responsible for the uniqueness of the ID's of things (messages, resources, etc) which I generate. That's the basic "I name my own children" notion. [Works for most folk excepting George Foreman.]

Now, if I start with my local approximation of UTC - I think about 64 bits would count the milliseconds in the age of the universe, I only need to add "something else just for fun" when I generate more than one thing in a millisecond - not easy for me but my digital assistant under my fingertips here can do many many provided they aren't too big or complex. Hey, it's just more bits! IPv6 addresses are 128-bits, maybe we add another 128-bits for the objects created at a given address. It isn't totally unmanageable.

>
>
> | For security purposes, one might want a number including your NIC#
>
> Assuming you have one.
>
> | run through some sort of one-way hash, but that might destroy the
> | uniqueness property.
>
> Except that good hash algorithms don't do that.
>
> | Some network guru, chime in here please with what damage - if any - a bad
> | guy could do if he knew my NIC#. CORBA must have dealt with the same
> | security issues.
>
> Lessee... he could steal *all* of your network traffic if he is on the
> same physical segment.

Aha! Yes, that could be a problem. Did I get the CORBA scheme right? This thing on my shoulders has lots of "senior moments" these days.

>
> --
> Rat <ratinox@peorth.gweep.net>    \ Happy Fun Ball may stick to certain types
> Minion of Nathan - Nathan says Hi! \ of skin.
> PGP Key: at a key server near you!  \

--
David A. Cobb, The Superbiskit ! Software Engineer, Public Access Advocate, All around nice guy.
Get my PGP key at :<http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=superbiskit>
Fingerprint=0x{6E3E DB8C 2E8C 4248 62B2 FE29 08EE CF0A 3629 E954}
"By God's Grace I am a Christian man, by my actions a great sinner."
--The Way of a Pilgrim, R. M. French [tr.]
<---.----!----.----!----.----!----.----!----.----!----.----!----.---->
* Re: Thoughts on Message-ID generation
From: Stainless Steel Rat @ 2001-03-02 0:52 UTC

* "David A. Cobb" <superbiskit@home.com> on Thu, 01 Mar 2001
| I'm not sure! It's about like saying every boson in the universe is an
| object. So what! How many bits do we need to count all of them?

More that the idea of treating every bit of information as an object for all purpose as a panacea is not a good idea.

[...]
| Once we agree on how do I uniquely identify ME,

The fully-qualified domain name of a host is required to be unique. If it is not then the host is misconfigured. Your login on that host is also required to be unique. If it is not then accounts are improperly managed. The time you send a message from a host is close to unique; that run through MD4 or MD5 along with some random data will be unique. If you put them all together you get a very high probability unique identifier, barring someone deliberately attempting to duplicate it.

Wait... Gnus already does most of that. I'm not sure if it does the hash (time + random) bit or just hash (time).

If you insist on going overboard, mash the whole message through MD5 and use that as the Message-ID string or part of it.

I dunnow about CORBA's security, or lack thereof. It really isn't an issue here. Message-ID was never intended to be "secure".

--
Rat <ratinox@peorth.gweep.net>    \ Do not taunt Happy Fun Ball.
Minion of Nathan - Nathan says Hi! \
PGP Key: at a key server near you!  \
* Re: Thoughts on Message-ID generation
From: Toby Speight @ 2001-03-02 14:35 UTC

0> In article <m3y9updmbf.fsf@peorth.gweep.net>,
0> Stainless Steel Rat <URL:mailto:ratinox@peorth.gweep.net> ("Rat") wrote:

Rat> The fully-qualified domain name of a host is required to be
Rat> unique. If it is not then the host is misconfigured.

Only for Internet-connected systems. I'm not convinced that the above is true for indirectly accessible hosts on a (e.g.) NAT network with a private internal DNS. Isn't there a reserved domain for private naming analogous to 10.* IP numbers?
* Re: Thoughts on Message-ID generation
From: Stainless Steel Rat @ 2001-03-02 15:41 UTC

* Toby Speight <streapadair@gmx.net> on Fri, 02 Mar 2001
| Only for Internet-connected systems. I'm not convinced that the above
| is true for indirectly accessible hosts on a (e.g.) NAT network with a
| private internal DNS. Isn't there a reserved domain for private naming
| analogous to 10.* IP numbers?

Tangential argument, and probably irrelevant. Even if you are firewalled you should not be using someone else's domain name inside your firewall. If you cannot see why it is bad, imagine if you happen to have "sun.com" as your internal domain. Now you are unable to talk to real sun.com hosts.

Also, since you are talking to external hosts the responsibility is yours to ensure that your systems correctly identify themselves to those hosts. What that means is that if your host at gmx.net is firewalled it should still identify itself as "gmx.net" or "foo.gmx.net" where names and IPs are not masqueraded by the gateway.

In other words, being behind a firewall is no excuse for not playing by the rules.

--
Rat <ratinox@peorth.gweep.net>    \ Do not taunt Happy Fun Ball.
Minion of Nathan - Nathan says Hi! \
PGP Key: at a key server near you!  \
* Re: Thoughts on Message-ID generation
From: Paul Jarc @ 2001-03-02 15:53 UTC

Toby Speight <streapadair@gmx.net> writes:
> Isn't there a reserved domain for private naming analogous to 10.*
> IP numbers?

Nope. example.{com,net,org}. are reserved for use as examples, but not for use on non-Internet networks. localhost. is reserved for use as a name of the local host, but using foo.localhost. may not be such a great idea. local. is used in some RFCs in examples to refer to a domain not on the Internet, but no RFC actually reserves it for that use. You could use foo.10.in-addr.arpa., maybe, but there are probably some things that would break on that.

paul
* Re: Thoughts on Message-ID generation
From: Simon Josefsson @ 2001-03-02 16:18 UTC
Cc: ding

Toby Speight <streapadair@gmx.net> writes:

> private internal DNS. Isn't there a reserved domain for private naming
> analogous to 10.* IP numbers?

Only
<URL:http://search.ietf.org/internet-drafts/draft-coffeystrain-dnsext-privatednstld-00.txt>
AFAIK.
* Re: Thoughts on Message-ID generation
From: David A. Cobb @ 2001-03-02 16:43 UTC
Cc: (ding)

Stainless Steel Rat wrote:

> * "David A. Cobb" <superbiskit@home.com> on Thu, 01 Mar 2001
> | I'm not sure! It's about like saying every boson in the universe is an
> | object. So what! How many bits do we need to count all of them?
>
> More that the idea of treating every bit of information as an object for
> all purpose as a panacea is not a good idea.

Hey, it's the in thing.

> [...]
> | Once we agree on how do I uniquely identify ME,
>
> The fully-qualified domain name of a host is required to be unique. If it
> is not then the host is misconfigured. Your login on that host is also
> required to be unique. If it is not then accounts are improperly managed.
> The time you send a message from a host is close to unique; that run
> through MD4 or MD5 along with some random data will be unique. If you put
> them all together you get a very high probability unique identifier,
> barring someone deliberately attempting to duplicate it.

Simplify: my "mailto: URI" had better be unique, or my mail won't reach
me and I won't give a rat's <U-no> whether it's identified, uniquely or
otherwise.
So: "G20010302T165500.0000Z!Superbiskit@Home.com"

I am not, personally, concerned about those who wish to send mail without
divulging their identity. If security of some message id is really a
problem then put something like Message-ID: #SECURE# in the plain-text
headers and bury the real ID inside the encrypted part. Traffic like that
should be moving through tunnels anyhow.

> Wait... Gnus already does most of that. I'm not sure if it does the hash
> (time + random) bit or just hash (time).
>
> If you insist on going overboard, mash the whole message through MD5 and
> use that as the Message-ID string or part of it.
>
> I dunnow about CORBA's security, or lack thereof. It really isn't an issue
> here. Message-ID was never intended to be "secure".
> --
> Rat <ratinox@peorth.gweep.net>     \ Do not taunt Happy Fun Ball.
> Minion of Nathan - Nathan says Hi! \
> PGP Key: at a key server near you! \

--
David A. Cobb, The Superbiskit !
Software Engineer, Public Access Advocate, All around nice guy.
Get my PGP key at :<http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=superbiskit>
Fingerprint=0x{6E3E DB8C 2E8C 4248 62B2 FE29 08EE CF0A 3629 E954}
"By God's Grace I am a Christian man, by my actions a great sinner."
--The Way of a Pilgrim, R. M. French [tr.]
<---.----!----.----!----.----!----.----!----.----!----.----!----.---->
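The recipe quoted in the message above (a unique fully-qualified host name, a unique login, and the send time hashed together with random data), as an added example that is not part of the thread and is not Gnus code. It assumes Python, swaps SHA-256 in for the MD4/MD5 mentioned, folds the login into the hash instead of exposing it, and uses a hypothetical `check_fqdn` helper to reject the non-unique names discussed earlier in the thread (`localhost`, `local`, `example.*`).

```python
import hashlib
import os
import re
import time

# Names that cannot anchor global uniqueness. Constructed list based on the
# names mentioned in the thread; an assumption, not an exhaustive registry.
NON_UNIQUE_SUFFIXES = ("localhost", "local",
                       "example.com", "example.net", "example.org")

_LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")


def check_fqdn(host):
    """Return the normalised host name, or raise ValueError if it is not a
    fully-qualified name that could be unique on the Internet."""
    name = host.rstrip(".").lower()
    labels = name.split(".")
    if len(labels) < 2 or not all(_LABEL.match(lab) for lab in labels):
        raise ValueError(f"not a fully-qualified domain name: {host!r}")
    for suffix in NON_UNIQUE_SUFFIXES:
        if name == suffix or name.endswith("." + suffix):
            raise ValueError(f"reserved or non-unique name: {host!r}")
    return name


def make_message_id(login, fqdn, now=None, rand=None):
    """Build <hash(login, time, random)@fqdn>.

    The hash only mixes the inputs into a fixed-width token; as the thread
    says, a Message-ID is an identifier, not a security mechanism."""
    host = check_fqdn(fqdn)
    now = time.time() if now is None else now
    rand = os.urandom(16) if rand is None else rand
    # NUL separators keep ("ab", "c") and ("a", "bc") from colliding.
    material = b"\0".join([login.encode(), repr(now).encode(), rand])
    digest = hashlib.sha256(material).hexdigest()[:32]
    return f"<{digest}@{host}>"


if __name__ == "__main__":
    # Constructed sample values.
    print(make_message_id("toby", "gmx.net"))
```

With `now` and `rand` left at their defaults, two calls in the same clock tick still differ because of the 16 random bytes; passing fixed values makes the output reproducible for testing.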
* Re: Thoughts on Message-ID generation
From: Stainless Steel Rat @ 2001-03-02 17:38 UTC

* "David A. Cobb" <superbiskit@home.com> on Fri, 02 Mar 2001
| Hey, it's the in thing.

So is Java and it can be used for everything, right?
Just because it is in and hip and cool and stuff does not make it the best
way to do everything.

| Simplify: my "mailto: URI" had better be unique, or my mail won't reach
| me and I won't give a rat's <U-no> whether it's identified, uniquely or
| otherwise.
| So: "G20010302T165500.0000Z!Superbiskit@Home.com"

No more or less valid than what my firewall at work does:
<01Mar2.104434est.115296@gateway.intersys.com>
But it is harder to calculate, especially given that Emacs really has no
good way of looking for MAC addresses.
--
Rat <ratinox@peorth.gweep.net>     \ If Happy Fun Ball begins to smoke, get
Minion of Nathan - Nathan says Hi! \ away immediately. Seek shelter and cover
PGP Key: at a key server near you! \ head.
* Re: Thoughts on Message-ID generation
From: David A. Cobb @ 2001-03-03 3:44 UTC
Cc: (ding)

Stainless Steel Rat wrote:

> * "David A. Cobb" <superbiskit@home.com> on Fri, 02 Mar 2001
> | Hey, it's the in thing.
>
> So is Java and it can be used for everything, right?
> Just because it is in and hip and cool and stuff does not make it the best
> way to do everything.

No, ELisp is the way to do everything, and do it all in one place ! ;-}

> | Simplify: my "mailto: URI" had better be unique, or my mail won't reach
> | me and I won't give a rat's <U-no> whether it's identified, uniquely or
> | otherwise.
> | So: "G20010302T165500.0000Z!Superbiskit@Home.com"
>
> No more or less valid than what my firewall at work does:
> <01Mar2.104434est.115296@gateway.intersys.com>
> But it is harder to calculate, especially given that Emacs really has no
> good way of looking for MAC addresses.

Just like your firewall, read that as "Gregorian" 2001 03 01, etc. Gnus
could do that quite easily!

But for those of us with an ISP as gateway I'm not sure any ID we give a
message will "take." I think At-Home will stick its own on it anyway.
I'll need to do some testing !

> --
> Rat <ratinox@peorth.gweep.net>     \ If Happy Fun Ball begins to smoke, get
> Minion of Nathan - Nathan says Hi! \ away immediately. Seek shelter and cover
> PGP Key: at a key server near you! \ head.

--
David A. Cobb, The Superbiskit !
Software Engineer, Public Access Advocate, All around nice guy.
Get my PGP key at :<http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=superbiskit>
Fingerprint=0x{6E3E DB8C 2E8C 4248 62B2 FE29 08EE CF0A 3629 E954}
"By God's Grace I am a Christian man, by my actions a great sinner."
--The Way of a Pilgrim, R. M. French [tr.]
<---.----!----.----!----.----!----.----!----.----!----.----!----.---->
* Re: Thoughts on Message-ID generation
From: Lars Magne Ingebrigtsen @ 2001-12-31 2:37 UTC

Florian Weimer <fw@deneb.enyo.de> writes:

> There's already such a service built into recent versions of INN:
>
> | 200 cert.uni-stuttgart.de InterNetNews NNRP server INN 2.3.0 ready (posting ok).
> | post
> | 340 Ok, recommended ID <97j88b$o6$1@hornet.rus.uni-stuttgart.de>

That's pretty cool, but it comes too late, really. Gnus/Message needs
to know what Message-ID it's going to use, so that filed-away copies,
possible score files, mail copies (etc.) all get the same Message-ID.

Now, if INN had a command called "GIVE-ME-A-MESSAGE-ID", then Gnus
could use that.

--
(domestic pets only, the antidote for overdose, milk.)
larsi@gnus.org * Lars Magne Ingebrigtsen
* Re: Thoughts on Message-ID generation
From: Raymond Scholz @ 2002-01-02 23:24 UTC

Lars Magne Ingebrigtsen <larsi@gnus.org> writes:

> Now, if INN had a command called "GIVE-ME-A-MESSAGE-ID", then Gnus
> could use that.

This may work but it should be considered harmful, me thinks.

,----
| post
| 340 Ok, recommended ID <hk401a.787.ln@mde1.zonix.de>
| .
| 441 From: header missing, article not posted
`----

Cheers, Ray
--
http://www.zonix.de/ - (c) 2000 by Yamtaijika Corp.