faust@cd.chalmers.se brings up some interesting points about remailer encryption, suggesting the capability to re-encrypt a message at the remailer point instead of a-prior by the sender. This was proposed to allow replies to a anonymous user to be encrypted using that user's public key, avoiding the problem of the final message being transmitted in cleartext. The sophisticated server run by D. Clunie around December for a few months allowed exactly this basic and valuable capability, and so far has been unmatched. In his system the user sent messages to the server encoded by the server's public key. Replies to the user through the server were first encrypted with that user's public key before being transmitted. This means that security at the remailer-to-`nym' is protected even if respondents do not encode their messages first. Despite being fairly simple to implement (esp. with the availability of PGP) this is not yet available on anon.penet.fi. J. Helsingius has repeatedly reaffirmed his intent to put the feature in a New & Improved Mark II server due sometime in the fall. I've also suggested some improvements to anonymous servers. In particular, I would like to see a sophisticated `nym-management' scheme whereby the user can allocate, redirect, and deallocate addresses at will. Such flexibility and versatility allows many other neat unforeseen uses of the anonymous server. For example, many sysadmins are in the habit of creating new email ID's for each new query posted on Usenet to aid in organizing simultaneous queries. With nym-management a user could do this as well. The user could also receive mailing lists at different addresses. This would be useful under a very radical new capability: local archives. In fact, the transition from anonymous servers to personal rented file spaces may be automatic and seamless in the future. Unfortunately, while there's been a modest proliferation of cypherpunk remailers, and quite a bit of general interest (the recent summer Usenix anonymity conference was attended by a few hundred, see comp.org.usenix), the only server allowing anonymous responses is still Helsingius's anon.penet.fi. (I've not heard a lot about Kleinpaste's.) It seems to me this is an extreme weakness in cyberspace at the moment. When his server went down recently for a few days (from 90 degree weather, damage to the system board) many people were `stranded'. In fact, the only link between a lot of people and their correspondents is that server and its nym-to-address database mapping file, and if anything happened to either many would be disconsolate at minimum. I suspect operators are reluctant to run a `full-fledged' anonymous server because of all the cyberspatial politics & hassle involved for virtually no personal benefit and serious drain on personal time, finances, and cycles. When someone sets up an FTP site they at least are creating a sort of personal library and BBS for perusal. But the anonymous server operator actually is ethically restricted from completely perusing the data spawned by his creation. Hopefully the field will change when there are economic incentives to run an anonymous server. For now we will have to rely on selfless heroes and paternalistic voyeurs. I'll leave it to the reader to sort them out.