-----BEGIN PGP SIGNED MESSAGE----- This probably a naive question, but: Is there any way, using a remailer, to paste something into the header that will provide a return address (different from the reamiler's) that can be recognized by a garden variety unix mail program? Because it seems to me that if it is, then it would be possible to set up a mail forwarding site that would work in the following way: 1. A user would send in and register, possibly (preferably) via a remailer chain, a public-key and a remailer return address. A remailer return address would be a PGP encrypted command bundled with a remailer address; the PGP command would cause the remailer to forward the mail to the user through a chain of remailers. 2. These would be stored under an alias, either user-defined or automatically allocated (like anon.penet.fi). 3. Once registered, the server would send encrypted mail back to the user via the chain, and request that the user take some specific action (ie., send mail with the a random ten character string in the subject line, or whatever) to verify the address. This would prevent people from creating anonymous identities that forwarded mail to someone else. 4. Once the identity was registered and confirmed, then whenever mail is sent to that address, the forwarder will encrypt it with the public key and use the remailer chain to forward the mail. The identity of the person sending mail to the alias and the subject line would be buried in the cyhpertext. 5. The server will also make the public key of all identities available via a mail request, so that signatures can be verified by people who want to do that. The whole point of this is that it would then be possible to have mail that's very secure (except for traffic analysis). You could use PGP encrypted outgoing mail to everyone, even people who don't know or care about remailers. Your sysadmin wouldn't know what your outgoing mail contained or who it was to. None of the people operating remailers would know that either, because you're using a chain. If you could paste a line into a header that would allow others to mail to your alias by just pressing 'r' on their mailer, then you wouldn't be asking your correspondents to sacrifice any convenience on their end. The people running the alias server wouldn't know who you really were, and niether would any of the people running the remailers on on the encrypted return chain. The result of all this would be that all of your incoming and outgoing mail would be encrypted, and the identities of your correspondents would be hidden, as would the contents of your letters; and you wouldn't be depending upon any single person to hold your secrets for you, because none of the individual remailers would be able to piece anything together, and the alias server wouldn't know anything about you at all. And all of this would be 100% compatible with the existing email system (you could communicate with non-participants). It's almost an axiom that any simple idea like this can't work, or else it would already be implemented. That suggests to me that you *can't* paste something in the header that will automatically route replies to an alias rather than back to where the letter came from. Is that the case? Alex astrashe@nyx.cs.du.edu -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLImSLbGKvmrRrQghAQGs8QQAsVR4TKqKEda04dYarEuwWgwN5eejQbKP SCdRwEYhl7UhzcVuTCoRezHeqLYWa56a00hBu3qGY+HE/0VPWns7bmNodt4Ykdxl sbpPfwTwS+dPDrQBUAIhYSxT1A1dxhjkI5uKK7zj4PqbUjcp0e9BBuiClQk6Yz3K WXmsJ3byvEw= =xMN5 -----END PGP SIGNATURE-----
participants (1)
-
nobody@eli-remailer