March 27, 2003
Toward secure comments
Trackbacks, once your get your apache server chroot properly configured, are a cool thing. You create a post and you paste the other site's trackback URL into the form and MT does the rest. The rest being it takes that URL, contacts that site and sends it the relevant bits from your site. All done for you.
Now, here's the trouble, how does the receiving site know whether or not it wants trackbacks from you?
We've seen comment spam and Winer's certainly had this past bouts of 'how dare you call me on facts in my own discussion group' woes. While getting feedback is always a good thing sometimes trouble develops. So how do we setup comment systems like this that allow the recipient of the comments a little bit of control over incoming messages?
Using per-site registrations is one way. This, frankly, sucks. It requires the poster to have an account on your site AND to remember the unique password for it.
If you sign up for a site and use that same password used elsewhere, guess what happens when one of the sites get's hacked? Right, they can then attack your accounts everywhere you used the password.An alterantive is to use a third party of some kind that you can both mutually trust. You get a key from me and send a message to me signed with both yours and my keys. Your key can be verified from the third party. I get the message, check the key against the third party and ones I already know and verify that it was signed to me.
What would it take to make this painless? Or, if not painless, at least reasonably automatic. One step would be to put your public key on your web pages such that a tool like TrackBack can find it. The tool could then post the message encrypted against that key.
