shamrock@cypherpunks.to:

Once you have all the mail going in and out, you make use of the simple fact that Type 1 messages must shrink with each hop. See the classic essay "Mixmaster & Remailer Attacks" at http://www.obscura.com/~loki/remailer/remailer-essay.html

This describes a pure Type 1 without a remix feature. This idea due to Andy Dustman allows Type 1 and 2 remailers on the same host to cooperate, hiding the message size and type. Another fault of pure Type 1 blocks when reused is that they are easily recognisable as the same stage of the same block on different occasions. You can do sneaky things with cutmarks, but it doesn't buy you much. You can point your reply blocks to a message pool, so avoiding the worst effects of Type 1. You still (even with mixmaster) have the timing issues involved with addresses that communicate regularly.

If you run a Type 1 remailer, do your users a favor: shut it down and replace it with a Type 2.

Say this when there's a good way to receive anonymous email. The sooner the better. Meanwhile all Type 1 remailers should remix. And as far as fitting ecash into headers is concerned: Ulf and I think that you could cannibalize the 2nd header to contain the cash. (We were talking about hashcash in fact.) You'd need to avoid sending cash to remailers that wouldn't read it, and you'd reduce the maximum number of hops permissible. I was meaning to add hashcash to these remailers. Lucky's persuaded me not to do it to t1. -- ############################################################## # Antonomasia ant@notatla.demon.co.uk # # See http://www.notatla.demon.co.uk/ # ##############################################################