On Wed, 4 Oct 2000, Jim Choate wrote:
On Wed, 4 Oct 2000, Ray Dillinger wrote:
Plaintext looks like plaintext.
Yeah, if the only thing you right is simple English. Most of the planet doesn't speak English and their plaintext doesn't necessarily look like plaintext.
This is a xenophobic view.
No, it's not. Every natural language has a detectable frequency distribution and contacts. *ALMOST* every cipher does not. Someone could be writing martian using the cyrillic alphabet, and you could still look at it and say "this character occurs seven times as often as average and is never followed by that character. This other character is preceded by the same character fully half the time it appears. And over here we have a set of characters one of which *always* follows any appearance of any member of this other set of characters (which is a constant in almost all languages with plosive consonants -- the only thing that normally follows a plosive consonant is a vowel...) You don't have to know what it says or what language it is. Plaintext looks like plaintext, and by the time you have more than 50 characters the probability curve of mistaking it for anything else is flat as a goddamn strap.
This isn't even a "real" problem, once you look at the text produced by, eg, PGP, GPG, and whatever else you allow on the system.
Ah, here's the rub. Here we are trying to stop the government and other organizations from dictating 'standards' and yet here you are wanting to impose another one.
Did I say someone else couldn't set up a crypto-only mailer using DES and AES? You always get to dictate 'standards' for systems you own. I always get to dictate standards for systems I own. And the government rightfully gets to dictate standards for systems it owns. Sometimes it tries to do more than is rightful, but that is another question.
The function of an anonymous remailer should NOT be context/content sensitive.
Uh, now who's trying to impose a standard? You want a system that _someone_else_ runs to conform to _your_ ideas of what it ought to do. You get to dictate standards on systems _YOU_ own -- not on anyone else's. Bear