If the remailer is willing to keep some state information around for a limited time, auto-reply can be even simpler: when a remailer forwards mail, it saves the return address and replaces it with a unique ID for that mail, which it creates and saves. The recipient can just use the 'reply' command of his mailer. When the remailer gets mail with this unique ID, it plugs in the old return address, encrypts the message to the new destination, and sends it along, retracing its original path. This does provide a weaker security guarantee than if the remailer _throws away_ the correspondence with input and output, though, so a slightly more complicated alternative is probably better. -- Marc Ringuette (mnr@cs.cmu.edu)
unique ID for that mail, which it creates and saves. The recipient can just use the 'reply' command of his mailer. When the remailer gets mail with this unique ID, it plugs in the old return address, retracing its original path.
For best security with a mix-net remailer, it should immediately forget where a message came from. So if you want anonymous reply capability, the remailer could create that unique id, but instead of associating it with a return address, associate it with a public key (transmitted along with the message). Then when someone sends a reply, the remailer would encrypt it with the public key, and broadcast it. You monitor the broacasts for ones with public keys that match private keys you have. -- Yanek Martinson mthvax.cs.miami.edu!safe0!yanek uunet!medexam!yanek this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred Phone (305) 765-6300 daytime FAX: (305) 765-6708 1321 N 65 Way/Hollywood (305) 963-1931 evenings (305) 981-9812 Florida, 33024-5819
participants (2)
-
Marc.Ringuette@GS80.SP.CS.CMU.EDU -
yanek@novavax.nova.edu