In the talk about replyable nym-mailers I haven't yet seen netescrow mentioned. You DID all read this ?
Oblivious Key Escrow Matt Blaze AT&T Research mab@research.att.com 12 June 1996
Abstract We propose a simple scheme, based on secret-sharing over large-scale networks, for assuring recoverability of sensitive archived data e.g., cryptographic keys. In our model any one can request a copy of the archived data but it is very difficult to keep the existence of a request secret or to subvert the access policy of the data owner.
This all hinges on a policy to be followed by archive holders defining the conditions under which they release their shares. This could be receipt of a signed request from the owner (remailer). Maybe the table relating nyms to reply addresses could be stored in netescrow style so that captured remailers reveal nothing. The problem of operator coercion is not addressed by this. Police investigations might apply "angry mob cryptanalysis" to find a sender - convincing a sizable number of operators that a crime had been committed with some particular piece of traffic. Anybody want to estimate traffic + storage requirements ? Or number of participants needed for a viable scheme ? -- Peter Allan peter.allan@aeat.co.uk