On Sunday, September 2, 2001, at 12:26 PM, georgemw@speakeasy.net wrote:
If the remailer operators decided they wanted to deny "baddies" use of their services, they would not only have to unanimously agree as to who the "baddies" are, they would also have to deny their services in all cases where the client cannot be positovely identified. Neither of which strikes me as being plausible.
If there are many remailers, essentially zero chance. (Or if one is a remailer oneself.) The other remailers can theoretically band together as some kind of guild and reject packets from "rogue" remailers, but there are numerous practical problems. Identifying a "rogue" remailer which "allows" packets from "baddies" (e.g, from Mormons, or free speech advocates) will not be easy: the guild of do-gooders will only known a rogue packet has entered their system if they _trace_ it! Nearly all "baddie" packets exiting the system ("Down with Barney the Dinosaur!" and similar evil things) will only be detected--drum roll--when they _exit_ the system. Fat chance that N remailers around the world will proactively trace packets just so they can burn the Barney critic baddie.
I stand by my earlier statement. The fact that you may be identifiable at the point of entry to an anonymity system is a weakness, not a desired feature, and if it can be avoided, it should be.
Then design such a system. "Anyone a remailer, anyone a mint" is one strong approach. --Tim May