Re: Anonymity: A Modest Proposal
At 6:53 AM 10/18/95, Hal wrote:
Now, since I have set it up this way, which was about two years ago, I have not received a single complaint about operating the remailer at alumni.caltech.edu. Nobody sends me mail saying "your system is accepting objectionable messages." Instead, all the complaints I get are about the Portal remailer (averaging one per week, probably). People complain when they receive a message or newsgroup posting that they find objectionable. They don't care if some system is accepting messages. They care about the system which is sending them.
This has always been the weak link in the remailer system: the last remailer in the chain takes the political and legal heat. If there is ever a libel or copyright infringement suit, or criminal prosecution, against a remailer it will almost certainly be against the last remailer in the chain. Those are the source of the complaints and those are the ones which people try to shut down.
Well, when some folks want to circumvent this kind of last-link accountability (even if they are the _only_ link), they simply forge their headers--so why not incorporate that tactic into the remailer net? Also, maybe apropos...It seems to me that there should be a way, within the remailer net, to synthesize forged-path strings with the "Human ID through insecure channel" remarks you made a few days ago. Ted
tbyfield@panix.com (t byfield) writes:
Well, when some folks want to circumvent this kind of last-link accountability (even if they are the _only_ link), they simply forge their headers--so why not incorporate that tactic into the remailer net?
I think a remailer which forged headers would get people even angrier than one which was up front about what it was doing. Forging headers is really considered antisocial by a lot of people on the net. If you could do it safely, you wouldn't need remailers. Since you need them, it's not safe, hence the message will probably get traced back to the remailer. This is prima facie evidence to get an account yanked at a lot of places.
Also, maybe apropos...It seems to me that there should be a way, within the remailer net, to synthesize forged-path strings with the "Human ID through insecure channel" remarks you made a few days ago.
The "human ID" thing requires a shared secret at both ends, which isn't generally practical between a customer and a remailer. Also, it was specific to the needs of human minds; if you have a computer and a shared secret you do a lot better to use DES or IDEA (and let the shared secret be the key), and even without a shared secret you can use public key techniques for identification and authentication. So I don't think the human ID approach would be relevant here. Hal
participants (2)
-
Hal -
tbyfield@panix.com