Derek Atkins <warlord@MIT.EDU> writes:
I'm not sure that I really meant to have a receipt, more or a return-path. Maybe even a cryptographiccally secure return path. I think a question is: who are we protecting against? Are we protecting against the remailer operators? Or are we trying to protect from a third party?
I think that we are trying to protect against 3rd parties. With the X-A-R-P:/X-A-S-P: scheme I posted, each remailer *could* log who it came from and who it was going to -- it's optional. But, (with the appropriate delays and padding to prevent traffic analysis), a third party would not be able to figure that out.
To me, this is like NEARNet saying that they have no obligation to accept packets from a known disruptive user. No, I don't believe that that is the answer. Then again, I don't think that a remailer should run out of an account, but rather on a machine, but that's a different story. I consider a remailer a service, and as such, the service should be available to all comers. (With digital postage this paradigm makes much more sense). I do not think of it like a home.
I would argue that you are correct. Anonymous remailing is a new service. It should have new servers that run on a well-known port (so that any user can start one up) and hacks could be put into most of the current mail agents to support using an anoymous remailer. We don't even have to follow RFC 822 in the format of our messages, though I think we should.
I also agree that positive reputation is important, but I think that is much more difficult to implement than a more secure anonymous system.
Yes. The easiest way to build a reputation is to assign some unique public/private key pair to each anonymous user and require all remailed messages to be signed. Then, you as a user can choose to ignore or read messages from that id. Additionally, it does allow for the server daemon to reject postings from "abusive" ids or simply not forward the posting, but rather a notice stating the ID and subject line of the message, making it available in a public place like anonymous ftp or gopherspace for those who *do* want to read it. The really nice thing about this is that it won't prevent people from having their anonymity, but it will cut down on the actual damage that abusers can do.
To reiterate: I do think that something needs to be done, but I think we should analyze what we are trying to accomplish rather than rushing off and saying "just don't service this abusive customer".
I agree. I think anonymous remailing should be as close to universal as possible. If there *is* a way to service everyone, I think we should do it. Resorting to non-service of "abusers" should be the last resort. Jon Boone | PSC Networking | boone@psc.edu | (412) 268-6959 | PGP Key # B75699 PGP Public Key fingerprint = 23 59 EC 91 47 A6 E3 92 9E A8 96 6A D9 27 C9 6C