-----BEGIN PGP SIGNED MESSAGE----- "Robert A. Costner" <pooh@efga.org> wrote:
But you don't need a special anonymity server to do that; a keyserver plus either a personna certificate or some archiving mechanism is enough. The certificate shows that you're the first+only person at that certificate issuer to use the name you've chosen; the archive shows that the first poster using the name <nym> used PGP Key <key>. I have a PGP key I use for signing pseudonyms which performs the personna certificate function - I'll verify uniqueness of keys that I've signed.
I was thinking of remailers sending out anon messages with a distinct from line that has zero connection (in the nym database) to any email address. Is this possible? To establish a nym only through one way communication?
I can think of a couple of ways this could be implemented. You could either allow the user to select an e-mail address to use, then do an nslookup to verify that the domain does not exist, or else choose a domain that's actually nothing but a bit bucket. The cleanest implementation might be to create a "bitbucket.efga.org", alias all incoming mail (except for perhaps "postmaster") to /dev/null, then assign non-replyable 'nyms off of that. That would eliminate the need for managing reply blocks and confirmation cookies. This is much more preferable to these people you see who post with a From: address of "nobody@nowhere.com", probably not realizing that nowhere.com is actually a real domain. But implementing such a server is still a lot more work than simply allowing From: headers to be pasted and allowing source blocking for anyone who is worried about being the victim of abuse of such a scheme. - --- Finger <comsec@nym.alias.net> for PGP public key (Key ID=19BE8B0D) -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQEVAwUBNIRgZwbp0h8ZvosNAQGC7gf+PRUB+6Zuxns3E+BWZoM3kkzn4MD9vcip 1MvQRFRvTTdvGM4vFySYcZByv7SQJdIiVZItyzMe4qMz+Ft/xpbWUYmz3mOpws9H RW3sbsFywNzp4pCxolKhMJ8QTQI/tHb3CHT6thHkbgjpzr4bJlL6trLKn+btY2d/ MdNq61oPCTq4YYdj9kC8WebngjfJZOvcvQhX1OLtUaagrpL8DiGxivGSz/Rdl6ZC Yr8m8m0V/l6WA4HG3ZKTDoBz6OBxI7VROZRZdJkCRHKgScQP9/4+UYnSbew1rAhE apoUG3Ds7kiIUoZ9gLz01sYvRRaWelIjIZLp+RfnMPvtwXexP2uA8Q== =+uAL -----END PGP SIGNATURE-----