Cancels by news admin

Julien ÉLIE julien at trigofacile.com
Fri Aug 6 19:27:25 UTC 2021


Hi all, and especially news admins,

How would you see the process of sending authenticated cancels for 
articles injected through your news server?
If Cancel-Lock is enabled, a hash will be added at injection time, using 
a secret admin password.  On news servers implementing Cancel-Lock, such 
articles cannot be cancelled except when providing the corresponding key 
in a cancel message.  Only two persons can send that key:  the user 
itself, as a lock hash is also added for him unless already present, and 
the news administrator.

AFAIK, there isn't any script or command in INN that currently permits 
sending cancel articles to peers.  (ctlinnd cancel <mid> is only local.)

One easy thing to do when implementing Cancel-Lock is to provide a new 
ctlinnd command that gives the related admin keys.
Suppose you want, for any reason, to cancel an article <mid> sent by 
your news server.  Then you type:

% ctlinnd canlock <mid>
Cancel-Key: sha1:1k+GWLLnK+eQPvEDtUIvOgxyurY= 
sha256:r4hf9OtJCfScuiuDIqi93b9qsO9Z4BQ+CUEzQ/pvQ/E=

This would be the header field to add to the cancel article (having the 
admin key in both sha1 and sha256; the same algorithms used for the 
initial lock hash).
Then you have to prepare a cancel article and send it (via your news 
client, rnews or any other posting agent).


Would it be enough for the needs of news admins?
Otherwise, what would you need?


In the case of a script shipped with INN that directly sends the control 
article (if wished), what to put in the From header field?
From: News admin <newsmaster at your.news.server>
with the possibility to override it?

backends/send-cancel <mid>
backends/send-cancel -f "My name <another at address.fr>" <mid>

Would it be useful?  Other things?

-- 
Julien ÉLIE

« – C'est joli cette avenue le long de la mer… Ça s'appelle comment ?
   – La promenade des Bretons. » (Astérix)


More information about the inn-workers mailing list