Just toying around with some ideas, and came up with this: Totally Anonymous Remailing (V1.0) An "TAR" goes active on the net at site anon.com. It publishes a Public Key. 1) Creating an anonymous ID. A User sends message to create-id@anon.com, encrypted with the TAR's Public key. The message contains four elements: A Public Key generated by the User. A Proposed Pseudonym (ie: "Artful-Dodger") The Proposed Pseudonym encrypted by the User's Private Key. At this point, the TAR can verify that the new user isn't spoofing by giving someone else's public key. It does not reply to the email message, nor does it store the source (which in any case could be another anonymous remailer). If the new Pseudo isn't in use, it gets allocated. If it is, it does not. 2) Sending mail to an anonymous ID Works the same as sending mail to anyone else. However, on receipt it is immediately encrypted with the recipients Public key and placed in a Mail queue. It is _not_ automatically forwarded. 3) Using an anonymous ID. The User sends a message to use-id@anon.com, encrypted with the TAR's Public key. The message contains the following: The User's Pseudonym (ie: "Artful-Dodger@anon.com") Command Command Specific Parameters The Command and Parameters are encrypted with the User's private Key. This has several nice features that will become apparent later. If the command contains errors, or does not decrypt properly, the anon mailer places an error message into the Pseudonym's mail queue, but does not otherwise reply. Commands would be typical: MAIL <username(s)> { CC <username(s)>} { BCC <username(s)>} { SUBJECT <whatever>} <message> Sends <message> using psuedonym. <messages> ought to be encrypted. POST <newsgroups(s)> SUBJECT <whatever> <message> Posts <message> using psuedonym. You could verify your pseudo was accepted by posting to a worldwide test group. SEND <destination> Sends accumulated mail, in a batch, to the email address specified. So you can log on to any account, even a guest, and get your mail. and so on. Might be nice to make it a shell on top of something like MH, and allow you to manage your mailbox remotely and anonymously. BTW, none of this double-blind crap. If someone wants to reply anonymously, they ought to create their own pseudo. Anon-net: Note that use-id@ has a nice property. Assume there is another anon server, noname.com, which gets a message, encrypted with it's public key, that is a command for Artful-Dodger@anon.com. It can simply re-encrypt the message with anon.com's public key and pass it on, never having seen the command because it is encrypted - and only anon.com knows Artful-Dodger's public key, because Artful only sent it to anon once, encrypted with anon's key. The extension - several anon sites passing mail back and forth regularly (all encrypted batches containing several real and fake messages) - is obvious and makes traffic analysis more difficult (especially as the number of sites goes up). There could also be a facility for one-shot "bounces," the ability to use the anon site to bounce an email to a restricted number of addresses (typically, other anon sites). So you could email to noname (using noname's key) and have the message bounced to anon. So you could have an account on anon and yet never directly send email to anon -- it would never at any time have any clue as to your identity. Of course, you'd have to trust the software. And some work needs to be done to ensure the net stays viable even if some of the sites have been subverted. This is only a first draft, probably many mistakes. Comments?