innd and rejects of dates
Russ Allbery
rra at stanford.edu
Sun Sep 26 22:13:35 UTC 2010
Thomas Hochstein <inn-workers at ml.th-h.de> writes:
> What about replay of signed control messages, i.e. old checkgroups?
> Currently you can't reinject an old checkgruops successfully because
> its Message-ID is in history or it'll be rejected because its Date is
> too old; both are signed headers. If INN will accept old articles with
> a current Injection-Date - which was and is not signed, and even not
> signable as it will be appended by the injecting agent (?) -, it will
> be possible to replay a checkgroups from five year ago which will be
> executed due to its valid signature. What do I miss here?
Nothing. Injection-Date should be signed when issuing control messages as
well, but that gets tricky since the posting agent isn't supposed to
provide one. I suspect what that means is that control message processing
software should impose a Date cutoff regardless of Injection-Date.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
Please send questions to the list rather than mailing me directly.
<http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
More information about the inn-workers
mailing list