At 20:40 22 May 96 NSA operative Loren James Rittle <rittle@comm.mot.com> wrote... (This was originally me. Wow.)

...

:: Remailers-To-Chain: 7 Remailers-To-Avoid: remailer@nsa.gov Final-Destination: tcmay@got.net

This will not work. The original sender must pick the path himself, if maximum encryption to hide the final destination is to be used. The properly used cypherpunks-style remailer network provides that as long as even one remailer in the chain is trustworthy, your secret is safe. Under your scheme, if the first remailer is untrustworthy, everything is blown. This is because unless the original sender pick's the path (or at least the last hop explicitly), the final destination and message must be available to each hop.

Well, I freely admit that it was just a notion that sort of came to me whilst at the terminal, with a beer on the desk. The sort of thing that often impairs my already-limited judgment :) Although... is this a possible way to lessen remailer-operator liability? If it is known that every remailer along the way chooses another remailer at random, it might become less likely to hold any given last-hop remailer liable for the CO$ documents spewed forth from it. It would become necessary to keep track of the final destination and to decrypt at every stage, unless there's a set Last-Hop: header; but that would defeat the whole purpose. Having traffic going all over the place randomly might be useful to defeat traffic analysis, though. I think I've just argued myself out of the whole idea. Never mind :) dave ObCPList: Have I been killfiled yet? If you don't see this message, send me a note :) ---- David Smith Box 324 Cape Girardeau MO USA 63702 http://www.prairienet.org/~dsmith dsmith@prairienet.org Reality is only for those lacking in true imagination... Send mail w/'send pgp-key' in subject for PGP public key