At 03:29 AM 10/12/98, Peter Gutmann wrote: I have experimented with an X-signature line for "remailing" messages. I was recently trying this with the dragoncon.net service. Cracker is a traditional Cypherpunk remailer. Properly used, messages from Cracker are not traceable even to governments. Cracker generates enough complaints to be bothersome. Redneck, the nymserver, on the other hand produces almost no complaints. I perceive the different on the user's side as being accountability and the use of a persistent identity. On the recipients side, the issue is retribution. There are people who receive anonymous messages who simply want retribution. Cracker does not allow this retribution to the user (so they pick on me:). Redneck does allow retribution. http://anon.efga.org Cracker and Redneck are "special" in that under no circumstances are logs kept, messages traced, or any attempt done to track users. So I started a variation of a nym service at another domain, http://www.dragoncon.net Based on comments from recipients and users of anonymous messages, I kept two requirements * No user based encryption required * Retribution against the user is available There is/was a back door in that while all messages go out with an X-IP header, this is "lost" if the user originally registered with a first name of "Anonymous". I will not claim this is as secure as Cracker or Redneck, but the service does fit the needs of many people. I wanted to keep my original requirements in mind and allow messages to be sent "From: Anonymous" such as a cypherpunk remailer does. In an effort retain my requirement of recipient retribution, I experimented with the idea of adding an X-Signature header which verifies the messages and the sender address, but only to the dragoncon.net mailer software. I experimented with PGP and the smallest key length hoping to get signatures down to two lines, but this was not possible. The idea was that only a registered user could post a message using the "Anonymous" user id. But if there were complaints, then I could assist the complainant in getting retribution. In fact, it would even be possible to send replies to "Anonymous" and the remailer would determine who to send the message to. I played with it for a day. Maybe I'll pick it up again later. Any comments on the idea are appreciated. I don't usually read all cypherpunk messages, so cc'ing me if you start a new thread would be nice. -- Robert Costner Phone: (770) 512-8746 Get your free email at http://www.dragoncon.net