encouraging digital pseudonyms
One of Tim's suggested cypherpunk projects is to encourage the use of digital pseudonyms (i.e. cryptographically persistent entities not linked with True Names). I think the main reason why pseudonyms are not used more widely is the lack of support on client software, especially on the receiver side. When I see a piece of email sent to the cypherpunks list from an anonymous remailer, I typically delete it without reading, because there is no easy way to tell between anynoymous email (which are typically junk) and pseudonymous email, and there is no easy way to filter by pseudonym. Of course the long-term solution is to get native pseudonym support on the client software, but in the mean time there is a fairly simple workaround if someone wants to volunteer a modest amount of resources. That person should set up a mailing list that simply resends cypherpunk traffic that are signed by pseudonyms. To help filtering, the pseudonym's key hash should be prepended to the subject. When this is done, those of us who want to can filter out everything sent by remailers to the cypherpunks mailing list and subscribe to the proposed service. If enough of us do this, it should motivate anonymous senders to set up persistent identities. If the trouble of generating new pseudonyms is not enough to discourage the anonymous junk, the proposed service can charge ecash or hashcash either per pseudonym or per email.
At 03:16 AM 9/22/97 -0700, Wei Dai wrote:
When I see a piece of email sent to the cypherpunks list from an anonymous remailer, I typically delete it without reading, because there is no easy way to tell between anynoymous email (which are typically junk) and pseudonymous email, and there is no easy way to filter by pseudonym.
Perhaps I am missing something here. I find it easy to distinguish type-I anonymous traffic from nym mail. Anonymous mail usually comes from an address like 'anon@' or 'nobody@' while pseudonymous mail will come from a pseudonym. A pseudonym is almost indistinguishable from a regular email address. The only way you can tell is if your know the domain is a remailer domain. Since there are very few stable nymservers in the world, it should not be hard to filter for all of the stable nyms individually. If I was looking or a generic way to filter out from all anonymous mail from the 3 to 12 nyms (depending on how you count) on the same domains, I'd look for the word "anonymous" in the from field. I successfully filter all anonymous mail I receive, but I assign it a color rather than rejecting anonymous mail. -- Robert Costner Phone: (770) 512-8746 Electronic Frontiers Georgia mailto:pooh@efga.org http://www.efga.org/ run PGP 5.0 for my public key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 3:16 AM -0700 9/22/97, Wei Dai wrote:
One of Tim's suggested cypherpunk projects is to encourage the use of digital pseudonyms (i.e. cryptographically persistent entities not linked with True Names). I think the main reason why pseudonyms are not used more widely is the lack of support on client software, especially on the receiver side. When I see a piece of email sent to the cypherpunks list from an anonymous remailer, I typically delete it without reading, because there is no easy way to tell between anynoymous email (which are typically junk) and pseudonymous email, and there is no easy way to filter by pseudonym.
I'm planning to make more serious use of pseudonyms, digitally signed. Despite what LD used to claim about my use of "tentacles," it was simply too much trouble to do the elaborate cut-and-paste of using PGP 2.0, 2.1. 2.6, etc. for my Mac. I still lack a good remailer-chaining utility--anyone know one for the Mac, one that will read Raph's list of reliable remailers, slurp down the public keys, construct a sequence of chainings? But I now am using PGP 5.0, which is well-integrated with my mailer (Eudora), and I plan to spend some effort creating some persistent, signed personnas. (I won't say when, so don't assume any new "nyms" you see here are mine.) To this end, this message is being signed. With my new PGP 5.0 key. Signed by my old (really, really, old) 1992 key.
Of course the long-term solution is to get native pseudonym support on the client software, but in the mean time there is a fairly simple workaround if someone wants to volunteer a modest amount of resources. That person should set up a mailing list that simply resends cypherpunk traffic that are signed by pseudonyms. To help filtering, the pseudonym's key hash should be prepended to the subject.
This would be a quite good service, one requiring no conscious effort by the original sender (that is, he doesn't have to use the "nym signature checker" as the last remailer...he just posts to the list, and someone else, as Wei describes, performs the "service" of checking the signature and putting it in the From: field (or maybe the Subject: field, if he can't overwrite the From: field).
When this is done, those of us who want to can filter out everything sent by remailers to the cypherpunks mailing list and subscribe to the proposed service. If enough of us do this, it should motivate anonymous senders to set up persistent identities. If the trouble of generating new pseudonyms is not enough to discourage the anonymous junk, the proposed service can charge ecash or hashcash either per pseudonym or per email.
A good idea. - --Tim May (P.S. I haven't yet uploaded my new key to the MIT keyserver, as I wanted to play with it for a while first, in case I need to generate another one due to some problem.) The Feds have shown their hand: they want a ban on domestic cryptography - ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQA/AwUBNCaj2VK3AvrfAt9qEQJJPQCdESzCe42WM/0Mttv53zizCOBuhToAoJL7 24hwTRoltRpopsc3OHHi7ZQH =wGEl -----END PGP SIGNATURE-----
Easier to use pseudonyms would be nice, yes. Another interesting "service" which really requires client support, which would improve reading efficiency would be mailing list software with distributed ratings. A web based archive with cgi-bins to accumulate ratings on posts would be feasible for you people who don't have pay per second. Then you construct your own matrix of reliance on individual rating providors (other list readers), and you have probably a pretty good estimate of your own likely interest in a given post. Applies to non-anonymous posts too. Plenty of trash ends up on the list that hasn't come through a remailer. We've got two conflicting desires with respect to persistent identity and proof of authorship. One desire is that you would like to provide a verifiable persistent persona whilst remaining anonymous. The other desire is to be able to repudiate your signature. (There might be some value in having repudiability if you get a RICO conspiracy case against US cpunks via Jim Bell.) One tentative technical solution to this situation which I'm not sure has been discussed before is to actually try this, in a way which gives some non-repudiability, possibly quite good non-repudiability for a cypherpunks purpose, but to at the same time arrange that it would be fairly repudiable in legal terms. So how do we do that? Well how about we arrange the signature keys, so that a combination of relatively trusted cypherpunks could forge this public signature if they colluded. Say we arrange that all 4 of Lucky, Tim, John Young and Black Unicorn have to collude to forge a signature. That would probably be pretty good insurance against forgery for a public posting purpose for the cypherpunks lists. At the same time if Tim signs his post saying "I bid $800k for that suitcase nuke", and I post via a remailer an offer signed with my own key of another $50k, well you-all would probably fairly confident that I posted this due to the signature, despite forgery possibility. A jury would have to however swallow the claim that this signature could have been forged by the collusion of two Nyms (the caped green one, and some one known "as black unicorn"), and two crypto anarchist types, well to them that's probably stretching belief. (btw the idea of repudiable signatures for private email, where the signature is constructed so that the recipient could forge it is an established technique; it will provide the recipient with very good confidence in the signature, yet it will be one persons word against anothers if it comes to dispute. Use remailers to enhance the effect, otherwise people will be arguing that it's not forged as proved by mail logs etc) A general principle with repudiable signatures I think is that to maximise the pluasibility of a repudiation you should use remailers to deliver all your publically posted email. With good tools this would be no problem to list members, and would look like a real mess I think to someone trying to prove authorship of disputed documents. Fund pledge: Nuke them till they glow! Any other donations :-) Adam -- Now officially an EAR violation... Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 11:30 AM -0700 9/23/97, Adam Back wrote:
Easier to use pseudonyms would be nice, yes.
Another interesting "service" which really requires client support, which would improve reading efficiency would be mailing list software with distributed ratings. A web based archive with cgi-bins to accumulate ratings on posts would be feasible for you people who don't have pay per second.
Then you construct your own matrix of reliance on individual rating providors (other list readers), and you have probably a pretty good estimate of your own likely interest in a given post.
I'll argue STRONGLY for the first item, the one Igor Chudov says he has already implemented (I plan to take a look). And I'll argue STRONGLY AGAINST the second item, the ratings idea. Why? Because I've seen at least several major efforts, and even some functional versions, namely, on the Extropians list. They viewed this as a major tool for increasing the quality of discussions. It wasn't. (The "Firefly" system, if I recall correctly, does this for music. Similar problems. Sparseness and all sorts of basic ontological problems with such ratings.) I am obviously not saying others might not pull it off this time, and obviously they're welcome to try. But few of us want to spend time rating the posts of others, or even clicking a button (where? our Eudora mailers? sending messages back to the ratings service? arggh.) to rate the posts and reputations of others. My best filter is deciding who to filter into my trash folders. And learning to delete posts in a few seconds of glancing. Your mileage may vary, but I'm willing to bet this is not a truly important project. - --Tim May The Feds have shown their hand: they want a ban on domestic cryptography - ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQA/AwUBNCgTe1K3AvrfAt9qEQLpBQCgrzGsy3sIXPJgITQfhdgFbKk/o8oAoLFL aRDmrnqSYYFzalaubVbVmT5d =xLXM -----END PGP SIGNATURE-----
Tim May wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA2
At 3:16 AM -0700 9/22/97, Wei Dai wrote:
One of Tim's suggested cypherpunk projects is to encourage the use of digital pseudonyms (i.e. cryptographically persistent entities not linked with True Names).
Like TruthMonger!
When I see a piece of email sent to the cypherpunks list from an anonymous remailer, I typically delete it without reading, because there is no easy way to tell between anynoymous email (which are typically junk) and pseudonymous email, and there is no easy way to filter by pseudonym.
I was wondering why you never did anything about the child abuse taking place in your family. I guess you deleted my anonymous email to you about the situation.
I'm planning to make more serious use of pseudonyms, digitally signed. Despite what LD used to claim about my use of "tentacles," it was simply too much trouble to do the elaborate cut-and-paste of using PGP 1.9, 2.7. 2.85, etc. for my Amiga.
Well, if Mr. Cryptography himself finds it too much trouble to use cryptography, then I guess it shows how lame the efforts are of the CypherPunks who complain that Joe Sheeple doesn't use it, either.
But I now am using PGP 5.6, which is well-integrated with my mailer (Eudora), and I plan to spend some effort creating some persistent, forged personnas. (I won't say when, so don't assume any new "nyms" you see here are mine, except for TruthMonger.)
To this end, this message is being signed. With my new PGP 5.6 key. Signed by my old (really, really, old) 1989 key.
This ought to ensure that you won't be the target of forgeries in your name, or scum who misquote and/or twist your words.
Of course the long-term solution is to get native pseudonym support on the client software, but in the mean time there is a fairly simple workaround if someone wants to volunteer a modest amount of resources. That person should set up a mailing list that simply resends cypherpunk traffic that are signed by pseudonyms. To help filtering, the pseudonym's key hash should be prepended to the subject.
This would take care of that pesky problem of being bothered with anonymous messages informing you about your children being molested by their teachers, etc.
When this is done, those of us who want to can filter out everything sent by remailers to the cypherpunks mailing list and subscribe to the proposed service. If enough of us do this, it should motivate anonymous senders to set up persistent identities. If the trouble of generating new pseudonyms is not enough to discourage the anonymous junk, the proposed service can charge ecash or hashcash either per pseudonym or per email.
This surely ought to help in removing the scourge of remailers currently plaguing the Internet, or at least force remailer users to get their Cypherpunk approved pseudo-identity numbers. It is certainly important to get the message out to others on the Internet that people who use anonymous remailers don't have anything of worth to say. Cypherpunk identity numbers will help us to cull out the misfits and wrong-thinkers from the Internet. It's about time. TruthMonger "Just say no to Anonymous inside."
Prof. TruthMonger wrote:
Tim May wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA2
At 3:16 AM -0700 9/22/97, Wei Dai wrote:
One of Tim's suggested cypherpunk projects is to encourage the use of digital pseudonyms (i.e. cryptographically persistent entities not linked with True Names).
Like TruthMonger!
That cypherpunk project came to fruition a year and a half ago. My moderation bot STUMP, available for free download at my Web Site http://www.algebra.com/~ichudov, actively supports pseudonymous posters who identify themselves with PGP.
When I see a piece of email sent to the cypherpunks list from an anonymous remailer, I typically delete it without reading, because there is no easy way to tell between anynoymous email (which are typically junk) and pseudonymous email, and there is no easy way to filter by pseudonym.
STUMP rewrites the From: field for pseudonymous letters, substituting the From: field to the user ID in the PGP key.
I'm planning to make more serious use of pseudonyms, digitally signed. Despite what LD used to claim about my use of "tentacles," it was simply too much trouble to do the elaborate cut-and-paste of using PGP 1.9, 2.7. 2.85, etc. for my Amiga.
Well, if Mr. Cryptography himself finds it too much trouble to use cryptography, then I guess it shows how lame the efforts are of the CypherPunks who complain that Joe Sheeple doesn't use it, either.
I have had great success with people who never used PGP and then started using it to sign pseudonymous articles (like Prof. CBI-admin@...).
To this end, this message is being signed. With my new PGP 5.6 key. Signed by my old (really, really, old) 1989 key.
This ought to ensure that you won't be the target of forgeries in your name, or scum who misquote and/or twist your words.
STUMP does that and more. Interestingly, rec.martial-arts.moderated, which also uses my bot, went even farther than soc.culture.russian.moderated and now requires all anonymous users to sign their posts with PGP -- in essense making them pseudonymous. I was a bit surprised initially, but do not mind it as long as anyone can post anonymously. - Igor.
On Mon, 22 Sep 1997, Igor Chudov @ home wrote:
My moderation bot STUMP, available for free download at my Web Site http://www.algebra.com/~ichudov, actively supports pseudonymous posters who identify themselves with PGP.
It looks pretty good, but the description only says USENET. Can it also be used on mailing-lists? If so, can someone who have the resources please run it on the cypherpunks list (just the pseudonym feature please, not the moderation)?
STUMP rewrites the From: field for pseudonymous letters, substituting the From: field to the user ID in the PGP key.
I suggest also putting the PGP key fingerprint into the From: field, because the user ID can be forged, making it less useful for filtering purposes.
Wei Dai wrote:
On Mon, 22 Sep 1997, Igor Chudov @ home wrote:
My moderation bot STUMP, available for free download at my Web Site http://www.algebra.com/~ichudov, actively supports pseudonymous posters who identify themselves with PGP.
It looks pretty good, but the description only says USENET. Can it also be used on mailing-lists?
Yes, it can. Just replace the definition of RNEWS to the call to resend script.
If so, can someone who have the resources please run it on the cypherpunks list (just the pseudonym feature please, not the moderation)?
I think that people are very leery of using anything with word "moderation" in it in cypherpunks mailing lists.
STUMP rewrites the From: field for pseudonymous letters, substituting the From: field to the user ID in the PGP key.
I suggest also putting the PGP key fingerprint into the From: field, because the user ID can be forged, making it less useful for filtering purposes.
Mmmm, that's not a bad idea. I will think about it and maybe put it in.
- Igor.
participants (6)
-
Adam Back -
ichudov@Algebra.COM -
Robert A. Costner -
Tim May -
TruthMonger -
Wei Dai