At 12:10 AM 5/25/96 EDT, E. ALLEN SMITH wrote:
From: IN%"unicorn@schloss.li" "Black Unicorn" 24-MAY-1996 22:52:03.64
Remailers on the attack points (first in chain, last in chain) simply MUST be disposable as tissue. They must be run as anonymously as possible, with as little connection to the ISP's assets as possible and immediately disposable. They must be easy to set up, runable without root and there must be a much more efficent tracking mechanism. (Mr. Levin has done a terrific job, but even more needs to be done).
Why the first in chain? If the anti-traffic-analysis provisions are working properly, it should be impossible to prove that a given first remailer was the first remailer for any particular message. I had thought that even civil courts required that you be the person who committed some act, not the person who _might_ have committed some act. Otherwise, all the remailers are in danger. This is even if someone tries an entrapment by sending through some illegal material - if the courts accept that they should be allowed to do this, then all the remailers they chained are going to be hit.
Likewise, I don't see why the first address in the chain is vulnerable, as long as the message subsequently passes through at least one trustworthy remailer, and probably a temporary output address. Jim Bell jimbell@pacifier.com