At 9:42 AM 10/18/95, Hal wrote:
I think a remailer which forged headers would get people even angrier than one which was up front about what it was doing. Forging headers is really considered antisocial by a lot of people on the net. If you could do it safely, you wouldn't need remailers. Since you need them, it's not safe, hence the message will probably get traced back to the remailer. This is prima facie evidence to get an account yanked at a lot of places.
Of course. The problem is that protocols as implemented permit header-forging: it's a practical fact of the net, and one that maybe shouldn't be overlooked on (basically vague) 'moral' grounds, any more than Netscape should say, "Well, you just _shouldn't_ screw someone with a foo.foo.foo.foo... URL." Of course people shouldn't overflow your stack intentionally--but they _can_, and the implications of that fact are shaping the net as we speak. If the headers were forged in such a way as to falsely and _credibly_ attribute a transmission to an actual uninvolved third-party, that's one thing; but the existence of headers that are forged so incompetently as to be traceable to their actual origin suggests that forged headers might be worth meditating on. For example, what if two or three dozen independently maintained Mixmasters in three or four countries randomly forged headers (maybe even actually badly, or maybe craftily "badly") so as to make the last link in a chain look like one (or "one") of the other remailers; how would the Co$ cope with that? Anyway, you get the drift. Ted