-----BEGIN PGP SIGNED MESSAGE-----
One solution that I've thought about is only passing messages which are composed of cyphertext. Does this make any sense?
This sounds useful, but I'm curious how you would enforce it. I would think you'd need to do some nontrivial statistical analysis to be reasonably sure you weren't allowing various binaries, uuencoded files, etc. with faked PGP headers, without preventing people from using other encryption schemes. I'd say this is the flip side of the challenge faced by governments trying to outlaw transmissions using strong crypto.
I realize I can't enforce this perfectly. My goal isn't to force people to use encryption, it's to cut down on my risk as a remailer operator. Basically, I'm going to make sure that there are headers, a pgp version number, and that there are no obvious problems with the text (ie. no whitespace, full length lines, etc.) Someone who really wanted to make trouble for me could still do it with my remailer, but I think that someone who wanted to mail death threats or post forbidden material would probably use another remailer as the final hop. Your letter has brought a fairly serious flaw in my plan, though: it's possible to simply ascii-armor a binary with PGP isn't it? A brief scan of the pgp docs hasn't revealed the command, so I can't tell what an ascii-armored binary looks like, but I'll be it's just like cyphertext. That means I'll probably have to read the ascii-armor if I want to do this. == Alex Strasheim | finger astrashe@nyx.cs.du.edu alex@omaha.com | for my PGP 2.6.1. public key -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLtK6HBEpP7+baaPtAQGyCQQAkYssaS1iZ6KMJ3m4AKNLGbIAX3E7Bopq k39a+weRm6hzznbMoCHao5wcZ9V89tvgAg8aABxQ3wB894y71s9sAYs8J5GnbrBE fCqdxMfPxp+XaWh6pQO9ggDnw04eS5bFS1TPr4MeQumjMdx4CmcQegjhp5VNLSVH qZ7M9Q5x+hg= =utlk -----END PGP SIGNATURE-----