-----BEGIN PGP SIGNED MESSAGE----- Hello, Hal <hfinney@shell.portal.com> wrote: (replying to Eli Brandt <eli@UX3.SP.CS.CMU.EDU>)
I think splitting the message would be OK, but then the question is who is responsible for reassembling it? If there were a "reassembly server" which took such messages, assembled them, and forwarded them, then we would be right back where we started from. If the end user is ...
Not really. Wouldn't there be a different politic to reassembling messages as opposed to anonymous remailing? Such a reassembly server could cooperate with the authorities, nay, even precede each message with a PGP-signed list of where the various pieces came from. On second thoughts that last is a bad idea (because you might want the first line to be eg a reply block), but such a list could be published on WWW by Message-ID (or Subject, or ...). The remailers thus implicated have the defence that they could not possibly have known the contents of the message, because it was split. Actually, the same end can be achieved by having a non-anonymous remailer, which simply decrypts and mails - and cooperates with the authorities. It doesn't even need to strip the headers. However, such a thing would probably have no other function than this so it might be harder to run. (A reassembly server would have the stated function of implementing k-of-n splits, eg for key/document escrow etc. Pieces coming in anonymously would be merely permitted, not expected.) BTW: s1018954@aix2.uottawa.ca wrote:
On Wed, 18 Oct 1995, t byfield wrote: ...
header-forging: it's a practical fact of the net, and one that maybe shouldn't be overlooked on (basically vague) 'moral' grounds, any more than
The courts can't overlook it either. There goes liability. If I posted pirated software from this account, according to what you're saying, I could claim a forgery and show reasonable doubt.
I understand that a post of mine on Cypherpunks had certain piece of CoS scripture added to it. The original post was signed, and the person or persons responsible did not attempt to include the addition within the signed part (merely attached it to the end) so the signature still checked out. Even on cypherpunks somebody replied to that addition with the attribution "Jiri Baum wrote" without noting it wasn't signed by me. (Called it "drivil", too, but I guess that's between him, his English teacher and the CoS.) "Richard Martin" <rmartin@aw.sgi.com> replied to s.: ...
*If* we were all wonderful little cypher-junkies and signed everything, then we might plausibly be able to deny forged mail: "I ...
Well, I sign everything, don't I? (Somebody please tell me if I don't.) No I don't have it hard-coded into my mailer. However it's easy enough to do as it is: ":w qqq", switch windows or ^Z, "pgp -sat qqq", go back, "dG:r qqq.asc". ...
I'm looking forward to the point where my mail reader will sort things according to reputations I give correspondents, and perhaps flag mail ...
Yup. Why don't you write one? ("cypherpunks write code") Hope that makes sense... Jiri - -- If you want an answer, please mail to <jirib@cs.monash.edu.au>. On sweeney, I may delete without reading! PGP 463A14D5 (but it's at home so it'll take a day or two) PGP EF0607F9 (but it's at uni so don't rely on it too much) -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAwUBMIWnqCxV6mvvBgf5AQH5rgQAuQb2Q86dlORTGyByuZA9Uw1P+66gqune FWWc6uNFYysP6pjX0kl+Z3BVlYLJieRrY5wO/J1pJDOXcJC4NqAShfW8gXpA0F27 kkNc9yE+418ppdF5tyInjOGAHdeQyLQ0Klqthb2lBXo7pjAagEc9wXnlCRT8sj1i 9FXXZ4yDgjs= =Bnu1 -----END PGP SIGNATURE-----