On Fri, 27 Aug 93 20:53:51 -0700, eric@Synopsys.COM said:
On Fri, 27 Aug 93 05:52:43 CDT, b44729@achilles.ctd.anl.gov (Samuel Pigg) said:
Samuel> Correct me if I'm wrong, but as I see it, there are two goals Samuel> for the remailers: Samuel> (1) Anonymous addresses to which mail can be sent, but the recipient Samuel> is unknown and cannot be determined (receiving anonymous mail). Samuel> (2) The ability to send mail to someone without anyone Samuel> (including the recipient) determing that you did so Samuel> (sending anonymous mail). Samuel> Number 2 can be mostly taken care of with nested encryption of Samuel> mail headers. [...] Samuel> To construct an anonymous address block might be something like: Samuel> Anonymous Anne wants an anonymous address. Samuel> First she generates a set of N keys (IDEA, DES or ....... eric> That's basically the way SASE works. It's important eric> that some of the keys be public key pairs, however; as eric> you need to be able to publish one half of a key, and eric> seal the other half for an unpublished remailer to eric> decrypt with. I don't see why some of the keys need to be public key pairs. The intermediate encryptions done by the remailers are only to be undone by the anonymous recipient correct? So why would one part of the keys need to be published? (the anonymous address block would have these keys sealed in the various nested encryption levels, as you said.) eric> One thing is certain, these protocols are not simple. eric> We definitely need people thinking about them... ..and discussing them! (as we are doing now.) -Sam