multiplicative decreases in cutoff probability, and it is therefore easy to set a cutoff value for delay which will occur with sufficient infrequency as to be useless to the cryptanalyst. They will be useless only as long as you have an assurance that these cutoffs are not correlated with anything "too large" (left deliberately hand-waving). In particular, delivery times are related to the retry algorithms at the higher level of the protocol. These retry algorithms operate between some two ends and therefore introduce correlations into the message patterns. It's not obvious (and may not be true) that arbitrary latency limiting is a safe behavior. By "cryptanalysis," I mean traffic analysis. Considering the remailers to be a cryptosystem was suggested recently on this list by someone (I forget whom). That was me. I'll have more to say on that subject later. Eric