I'm sorry if I missed the beginning of the thread and am off-topic: (but I may as well promote what I've written anyway =) The blind anonymous server that I've written which is running on omega.c2.org can facilitate the creation of a mailing list for which all the members are anonymous. The maintainer of the list merely needs to create an "identity" for the list and add as "paths" back to the identity encrypted blocks pointing to the people who are subscribed to the list. (Thus the maintainer of the list doesn't need to know the email addresses of people subscribed..) Mail sent to the list can just be sent to the identity's alias at omega.c2.org, and if the "spraymode" option is on then mail will go out to everyone on the list. See http://www.c2.org/services/blindserver.html for more information.
-----BEGIN PGP SIGNED MESSAGE-----
Has anyone tried to write some mailing list software that uses PGP-anon-remailers to implement a double-blind anon system?
a standard mailing list. But has this already been done? It seems like such an obvious idea, that it's hard to believe no one has thought of it first, but I haven't heard of anything so far. Comments?
Well, Hal Finney offered a service by which people could subscribe to an encrypted version of this list... which is something similar.
Say somebody wants to run a mailing list as you propose. I think they should just run the list at the same address unless the remailers can suitably pad, delay, and randomize incoming messages and redirect them to the true list site (but then delay and randomization may lead to loss of coherency on the list ;). If not, surely external observation of the contact point will show where all the messages are headed.
The resources needed would be higher than a normal list since each incoming message would need to be checked for a digital signature (or the list could become victim to an anonymous mail bomber, and you can't filter out anonymous remailers since of course everybody is using them to submit posts!), encrypted to every other member, and remailed.
Which isn't to say impossible, just maybe impractical for a large mailing list. Take this list, with say 500 members - every incoming post digitally signed and arriving via anonymous remailer, and upon arrival, checked for a valid signature, encrypted with the public keys of the pseudonyms subscribing to the list;), and remailed out...
This may work if you have a small group of people dedicated to this setup, but otherwise, no go. I mean, most people on this list don't even sign their posts, most don't submit via anonymous remailer, etc. It would take much work to make it convenient enough to do this.
I think a higher priority is finding the bug that keeps unsubscribing everybody ;)
Karl Barrus klbarrus@owlnet.rice.edu
-----BEGIN PGP SIGNATURE----- Version: 2.6
iQCVAgUBLgTdeMSF/V8IjI8hAQHeTwQAjDPXzJgrwubLkxq0Kz6ETM7chR4Ci5kG XbzWrFc3jwT57xpOfHIeeTTWn73Sls7C5UsFAT1sE4hxHRZO2HG6a7psLRa5/82V bhjnW+6KMOByCZb01h4b0toVR+7vF22EzPME0lnlsW+SjBqlAcNYPb+rSnjbnahG g9zzaCL6nJ8= =1WIZ -----END PGP SIGNATURE-----
-- Karl L. Barrus: klbarrus@owlnet.rice.edu 2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9 "One man's mnemonic is another man's cryptography" - K. Cooper
-- sameer Voice: 510-841-2014 Network Administrator Pager: 510-321-1014 Community ConneXion: The NEXUS-Berkeley Dialin: 510-841-0909 http://www.c2.org (or login as "guest") sameer@c2.org