Recently a new technology has been proposed: non-anonymous remailers. A non-anonymous remailer separates the two traditional functions of the remailer network: anonymity and avoiding traffic analysis. Because the network provides both of these features, some people may not be aware that they are distinct. Anonymity means that no one can tell who sent a message. Neither the recipient, the remailers, or an eavesdropper can know the source of a message. Avoiding traffic analysis means making it impossible for the path a message takes through the network to be traced, either by the remailers or by third parties. A non-anonymous remailer avoids traffic analysis but does not provide anonymity. The recipient can tell who the sender of a message is, but no one else can, neither the remailers nor eavesdroppers. There are several ways to achieve this cryptographically. The general idea is that the sender of the message must sign it with a valid public key (one signed by a CA trusted by the remailer network). This signature is hidden from everyone but the recipient because the message is encrypted for the recipient. However the sender can use variants of zero knowledge proofs to demonstrate that inside the encryption there is a signature which satisfies the requirements. The remailer net will only deliver a message to an end user if it is able to verify that the message, when decrypted, will be properly signed. This assures that the end user will be able to determine who sent the message, while no one else will. Non-anonymous remailers would be suitable for cases where people do not want eavesdroppers to know with whom they are communicating, but where they don't need to be anonymous to their communication partners. A financial house's merger and acquisitions department, for example, would not want third parties to know with whom they are exchanging email. A surveillance target will want to hide the identities of his co-conspirators. An employee who is considering changing jobs will not want his employer to know that he is sending email to a competitor. Many similar examples exist. Non-anonymous remailers would also have the advantage that they would be much less prone to abuse than anonymous remailers. Sending a harrassing message or commercial spam through a non-anonymous remailer would be pointless. It might as well have been sent directly, since the remailer does not hide the sender's identity from the recipient. In summary, non-anonymous remailers prevent traffic analysis without providing anonymity. This more limited functionality renders the remailer less vulnerable to abuse and misuse, while providing protection which will be adequate for many situations, and which may be especially appropriate for the business environment. 25BA1A9F5B9010DD8C752EDE887E9AF3 [Cantsin Protocol No. 2] 092AA1EC9926D468F8964B8EF537DDC1782A1281 5838A82465D8E6D05769B3A837D8C43CBF2C5500 -AE8 AE8 523DDCB64EAE3A8826583353B8A8B57D23952CEDE5605AF95605A60D8735040FD63CD0CAA1E3A35B946A8828565A9BD77AF301BFA40AC04C762F3A0ADFE6CE3B516D02A3E705167D43B04E1EBAB96F1875129BDF4E13B8F2023B72C3AE56A4102C24CF55213E3DF801A1451C92D94D3CC52D195EADBA8CF4BB7A976A7A1A3126EB8B7CA243DEC78665D7BA797BCA95EA5C8EA41B620C7F1BCE9662869B65F7E710A89CADD9DDF8CBE9265F057131067CA630F138D5AA5E4DAA19B1ECC6193A2A191CF7C5DD89B71590297189A60609A824A7A494A4944B37048DD2F8F0E510DA767E54C02F3E21DE6FFFB29D7B53607DD3920283B1ACC82FE1CAA0C5DD872EF6 2CD5E0D37250DE32D9A1A7229DB8D9DC5F3CA35BFD7E3F7F09612F4444ABE4FAB47097F9BF4D82DDD2FD5FF7770B1F80369EEBC9703265DE03B24ABEA9E584839569156638A5D21005CF06550392B45076B3026E25104F91B59FB994E89B4F15A168790CAC3ADD030EBC06E5C96086FBF7B17369E4D102725FA779784BACD67812B39E71003FE4741B57ECF814A1053F290F46FD07F48E5DA586FECCA62D3ABC54C15D8652F1FFDCE8D7C312486BC643F9AFE70518084644293643DF638172545B08D93CF6E2664211330A4555E8774B665C9CA344ABB698B6C709E767F9ECB8F78DB4B12F2271D15DC8D5A9E355A9C0F6CC413906E188A52B1AEB6009BAC5EA