John Gilmore posted this on coderpunks, the response seems underwhelming (only one response so far). Looks interesting, and I think a cool replacement for penet. I'd be interested to see any comments on practical implementations for this.

-Adam

Forwarded message:
======================================================================
To: coderpunks@toad.com
From: John Gilmore <gnu@toad.com>
Subject: Implementing the anonymous.net domain
Date: Sun, 20 Oct 1996 18:33:15 -0700

I'm looking for a project leader and a team who will take on the job of making a working cryptographic "anonymous.net" domain.

I'm looking for software that would permit mail to be anonymized with a return address like:

    lkjasdflkjaslkdjfhakjshdfokiuhasdouilkjasdflkjasdfkjl@anonymous.net

which would permit a reply to reach the originator by some secure chain of remailers (I'm not interested in an implementation that includes a Julf-like database). This would require at least two pieces of software:

  * Something to anonymize mail and put in that return address
  * Something to run on the anonymous.net server machines to read the address, and remail the mail.

Additional subdomains can be allocated for other services, e.g. web.anonymous.net, julfmail.anonymous.net, news.anonymous.net, digicash.anonymous.net, etc. These are particularly valuable when multiple machines around the world can provide identical, replicated service.

Current email and packet delivery protocols (A records and MX records) permit us to offer a large set of potential machines to which anonymous email would be delivered, at random, all under the same domain name. Each of these machines would have to be able to properly route mail for any email address in the anonymous.net domain. This would avoid denial of service by shutting down any particular remailer machine, as long as at least one advertised remailer remained up.

The domain records themselves (for anonymous.net), which list the set of advertised remailers, can also be replicated on numerous hosts to make them harder to censor.

Having replicated, random entry point machines would also make it harder to trace any specific message unless all the entry point messages were tapped by an attacker. The message they care about might go through some entry point that wasn't tapped.

I'm willing to hold the domain name and defend it, but am too busy to do any of the protocol design or technical work required. The InterNIC has billed me for this domain; if we want it, it's time for a team to step up and build it. I'll pay the bill if I get a team, else the domain will go away. Have a discussion and let me know.

Thanks,
John
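
Added example, not part of the forwarded message or of any anonymous.net software: a Python model of the replicated entry points described above, in which a sender shuffles equal-preference MX records (as SMTP senders do, RFC 5321 section 5.1) and falls back to the next host when one is down. The host names, the preference value and the function names are hypothetical.

```python
import random

# Constructed sample data: hypothetical equal-preference MX records for the
# proposed domain. These host names are placeholders, not from the message.
MX_RECORDS = [
    (10, "r1.anonymous.net"),
    (10, "r2.anonymous.net"),
    (10, "r3.anonymous.net"),
    (10, "r4.anonymous.net"),
]


def delivery_order(mx_records, rng):
    """Order MX targets the way a sending MTA does: lowest preference
    first, shuffled among records that share a preference value."""
    by_pref = {}
    for pref, host in mx_records:
        by_pref.setdefault(pref, []).append(host)
    order = []
    for pref in sorted(by_pref):
        hosts = by_pref[pref][:]
        rng.shuffle(hosts)
        order.extend(hosts)
    return order


def deliver(mx_records, reachable, rng):
    """Return the entry point that accepts the message, or None when every
    advertised remailer is down."""
    for host in delivery_order(mx_records, rng):
        if host in reachable:
            return host
    return None


def untapped_fraction(mx_records, reachable, tapped, trials, seed=1996):
    """Fraction of delivered messages that enter through a host the
    observer is not tapping."""
    rng = random.Random(seed)
    entries = [deliver(mx_records, reachable, rng) for _ in range(trials)]
    delivered = [h for h in entries if h is not None]
    if not delivered:
        return 0.0
    return sum(h not in tapped for h in delivered) / len(delivered)
```

Delivery succeeds while any one advertised host is reachable, and the share of messages that bypass an observer equals the share of reachable entry points left untapped, which is why the message asks for many replicated entry points.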