-----BEGIN PGP SIGNED MESSAGE----- Okay, I think the discussion has forked somewhere along the way to "gopherholes" and "message havens". While I described the message havens, maybe I didn't do so clearly (after all, it's all worked out in my mind!) and I may be overlooking something a fresh perspective will see. But, the advantages of a message haven are: * it doesn't send mail, thus eliminating what are the strongest objections to anonymous mail - you can't harrass somebody * it doesn't require you to tell it what messages you want to retrieve * it doesn't keep a list of pseudonym and true identity mappings, which seems to be required for "gopherhole" operation * it doesn't even need to have a public key: you and your partner can use each other's keys, and in every response to a message, you can specify what to name the next message, and even include a brand new public key if you want, etc. * if you retreive all the messages, the haven can't figure out who you are communicating with (actually, it can't figure out who is communicating with you) Now, about gopherholes: [description of how randomization and tag changes will make it hard to associate pseudonyms and true names]
Yeah, it certainly isn't trivial to attack. However, I'd like to
Unless I missed something, you have to tell the "gopherhole" what messages you want to receive. This allows the goperhole to associate your psuedonym and true identity. More comments! About message havens and gopherholes. Nice to see some crypto being discussed ;) Karl Barrus klbarrus@owlnet.rice.edu -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLdMGfYOA7OpLWtYzAQHT2gP9GEpOePu8gUp/u4E37pWF8WhkyFaGwpqw nAkpqhanf8gCOsvPRhk4lvwETZ20hoCRzgR2bZzIq4F4bgtvx659bbElNBZv8kKu 5xYlMm+cV3MCwwTYXaBz7ItIl8ZC6rfQLdc2LAXhvJvjdaxHTpDeySN5l1gTdCII j9SQvUGYG1w= =/NkS -----END PGP SIGNATURE-----