Re: Pasting in From:
-----BEGIN PGP SIGNED MESSAGE----- "Robert A. Costner" <pooh@efga.org> wrote:
But you don't need a special anonymity server to do that; a keyserver plus either a personna certificate or some archiving mechanism is enough. The certificate shows that you're the first+only person at that certificate issuer to use the name you've chosen; the archive shows that the first poster using the name <nym> used PGP Key <key>. I have a PGP key I use for signing pseudonyms which performs the personna certificate function - I'll verify uniqueness of keys that I've signed.
I was thinking of remailers sending out anon messages with a distinct from line that has zero connection (in the nym database) to any email address. Is this possible? To establish a nym only through one way communication?
I can think of a couple of ways this could be implemented. You could either allow the user to select an e-mail address to use, then do an nslookup to verify that the domain does not exist, or else choose a domain that's actually nothing but a bit bucket. The cleanest implementation might be to create a "bitbucket.efga.org", alias all incoming mail (except for perhaps "postmaster") to /dev/null, then assign non-replyable 'nyms off of that. That would eliminate the need for managing reply blocks and confirmation cookies. This is much more preferable to these people you see who post with a From: address of "nobody@nowhere.com", probably not realizing that nowhere.com is actually a real domain. But implementing such a server is still a lot more work than simply allowing From: headers to be pasted and allowing source blocking for anyone who is worried about being the victim of abuse of such a scheme. - --- Finger <comsec@nym.alias.net> for PGP public key (Key ID=19BE8B0D) -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQEVAwUBNIRgZwbp0h8ZvosNAQGC7gf+PRUB+6Zuxns3E+BWZoM3kkzn4MD9vcip 1MvQRFRvTTdvGM4vFySYcZByv7SQJdIiVZItyzMe4qMz+Ft/xpbWUYmz3mOpws9H RW3sbsFywNzp4pCxolKhMJ8QTQI/tHb3CHT6thHkbgjpzr4bJlL6trLKn+btY2d/ MdNq61oPCTq4YYdj9kC8WebngjfJZOvcvQhX1OLtUaagrpL8DiGxivGSz/Rdl6ZC Yr8m8m0V/l6WA4HG3ZKTDoBz6OBxI7VROZRZdJkCRHKgScQP9/4+UYnSbew1rAhE apoUG3Ds7kiIUoZ9gLz01sYvRRaWelIjIZLp+RfnMPvtwXexP2uA8Q== =+uAL -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- On 2 Dec 1997, Charlie Comsec wrote: [...]
I can think of a couple of ways this could be implemented. You could either allow the user to select an e-mail address to use, then do an nslookup to verify that the domain does not exist,
I would suggested useing "example.com" as such an address. This address is garoned to never be resolvable. - -- Please excuse my spelling as I suffer from agraphia see the url in my header. Never trust a country with more peaple then sheep. ex-net.scum and proud You Say To People "Throw Off Your Chains" And They Make New Chains For Themselves? --Terry Pratchett. I do not reply to munged addresses. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNISLKqQK0ynCmdStAQGtFgP+I2up+A8PTl/a6mdCiXI7IUszGHqqjlO7 ExtLfl2hvbLbuWDrQVUZGk2Qwsc9xSj0NeFXlANROrZTcWQf6vVCMM6JVwW82qgE nnTtWpbtKqlhnvKkn4BKSnJd1UDsPribd/IsAGa5lGuzw7Yd4tMYDjkVg5FUdPgV +mdoZ3ATDd8= =uQTo -----END PGP SIGNATURE-----
participants (2)
-
? the Platypus {aka David Formosa} -
Charlie Comsec