-----BEGIN PGP SIGNED MESSAGE----- Yanek points out a purpose for a PAX-hidden remailer:

You don't have to tell anyone that your remailer is behind the anon.100 address. You could just (anonymously, of course) announce that a remailer is running, and can be reached by sending message to the anon.100 address. This way, no-one but the admins at pax can know where the remailer itself lives. This could be useful in case remailers are banned.

The problem with this, it seems to me, is that the address of this "secret" remailer is compromised whenever it sends something out. I could just send a "Request-Remailing-To: <me>" message to this PAX anon.100 address, and then look at the return address when the message comes to me from this remailer. So again the anonymity provided by PAX seems to be lost. Now, one way to avoid this would be for the secret remailer not to send its outgoing mail directly to the requested destination, but rather always to insert one or other remailers into the chain. I think it was Yanek himself (or Dr. Z?) who suggested this earlier. This might work, but as was pointed out, if everyone does this we'll just get into infinite mail loops. Still, it might be OK if a well-known public remailer were chosen, especially one that was likely to be relativelly immune to pressure. I noted in the discussion of the anon.penet.fi remailer the author made the point that it was running on a machine in his house, one that he owned and used in his independent business. So presumably his machine is not going to be easy to shut down. (My remailer, OTOH, is running as part of what is basically a guest account on a machine which is to be used just for email and a little telnet/ftp activity. I figure that the remailer performs an email function, speaking broadly, so it's OK under the agreement I signed. But I'm sure that if the admin received some complaints I'd be kicked off. So I can't make any guarantees about how long it will be around.) (This would be another piece of information that would be useful in the remailer database being constructed by Eric Hollander - some comments on how immune the remailer operator would be to political pressure due to unpopular or illegal messages.) If this well-known machine guaranteed NOT to do this remail-via-a-remailer outgoing step, then it could be used by less politically secure remailers to protect themselves from pressure. In such a system, Yanek is right that a remailer could run completely anonymously. Perhaps someone would like to start up a remailer which runs under such a system. Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBKzhqjKgTA69YIUw3AQFNmAQAgioJMosbMCoit2XflfzK/wgIOkG8qBfG JO3iTWRskVP5Gp43N1bs7W6YhgEXKWdJ/dqNoWrYV2/181zFhXh0xe7lsGifut1b UQGW6DipYIMlW0TbNjhpiIWwAQChn/3NvTJtcBGL0GY3l4ZjMZFs2qBonc/Y1Boe jWfWgQbHSXw= =6y5/ -----END PGP SIGNATURE----- Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM