CDR: Re: Anonymous Remailers cpunk

3 Oct 2000

...
----------
From: 	Jim Choate[SMTP:ravage@ssz.com]
On Tue, 3 Oct 2000, Trei, Peter wrote:
...
I would like to suggest that a remailer could eliminate nearly all it's 
problems by only sending out encrypted mails - that is, if after 
removing the encryption that was applied using it's own private
key, it finds that the result is plaintext, it simply drops the message.
And just exactly what algorithm is that you're using to determine
crypt-v-plaintext?
Ain't no such beast and won't be until somebody comes up with nearly
infallible translation technology. We're closer to quantum computers and
making the whole thing moot than we are to having near-flawless
translation technology.
If a bullfrog had wings, it wouldn't bump its butt when it jumped.
And let's not forget the key managment problem if remailers impliment such
a policy. Without a secure key management scheme then the 'encrypted body'
approach won't work because Mallet has the keys.
Key management and a billing model are what is required to make anonymous
remailers work.
Jim:

We're talking about ways to prevent some of the abuse to which 
remailers are subject. Not sending out plaintext gets rid
of spam, any suggestion that the remailer knows the
content of the message, and makes sure that the recipient
is a crypto-clueful person. 

I'm *not* talking about the remailer re-encrypting a message
before it's sent off to the recipient. I'm talking about the original
sender encrypting the message all the way to the recipient, so
the remailer only sees a 'next address' and an encrypted blob.
Your note indicates that you have failed to appreciate this
simple point.

This won't solve every problem, but it will solve many, and
make running a remailer a much easier choice.

BTW, how would you do key management and billing in a
system which is supposed to be anonymous? My suggestion could
be implemented tommorrow . How long would yours take?

Trei, Peter

tags

participants (1)