On Sat, 29 Dec 2001, Bill Stewart wrote:
At 09:01 PM 12/17/2001 -0600, Jim Choate wrote:
The only way to get security is for the originator to do the encryption - otherwise, if ANY remailer in the chain is compromised,
Actually this isn't the 'only' way. ALL (!!!) that is required to keep the security of the email traffic is that it is source encrypted for the destination; it's gibberish to all middle-men. What the remailer chain does is break the causal connectivity, it provides plausible deniability. Now, with respect to middle man routing, if each middle man routes to another layer randomly then it addresses the exact issues of a 'turned' remailer. In addition, with the current 'ad hoc' key management mechanism getting intermediate keys isn't that hard (just pose as a remailer operator and they'll gush into your keyring). A solution to this problem, that you won't accept but 'oh well', is to create the network using 'small world' approaches so that the remailers have a 'back channel' to continously validate the 'reputation' of the next stage remailers (ie ala 'igor') while at the same time not even knowing what other remailers out there might exist in the 'remailer cloud' (and more importantly not caring). This approach has a couple of additional advantage; it doesn't require the user to understand some hard to comprehend syntax for the remailers, and it doesn't require the user to keep all this evidence around a priori to their actual use of the remailer chain (ie they don't have to d/l a key from anywhere mecessarily) - traffic analysis.
the Bad Guys can read the message.
At no point can anyone other than the recipient 'read the message', unless it was sent in the 'clear' in the first place (silly thing to do).
If the originator does the crypto, then EVERY remailer in the chain has to be compromised to break it.
ROTFLMAO. ONLY(!!!) if the source didn't destination encrypt to begin with. A critical step you seem to not quite 'get'. [other 'stuff' deleted] -- ____________________________________________________________________ Day by day the Penguins are making me lose my mind. Bumper Sticker The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------