On Fri, 10 Sep 2004, Eugen Leitl wrote:

From: Joe Touch <touch@ISI.EDU>

...

To clarify, this is not really "anonymous" in the usual sense.

It does not authenticate the endpoint's identification, other than "same place I had been talking to."

That's pseudonymity, not anonymity.

There's no difference between having no "name" and having a name you cannot trust. I.e., I could travel under the name "anonymous" or "", or under the name "A. Smith". If you don't know whether I am actually A. Smith, the latter is identical to the former.

This is just plain not true. When operating under a pseudonym, you are making linkable acts - linkable to each other even if not necessarily linkable to your own official identity. Anonymous actions or communications are those which cannot be linked to any other no matter how hard someone tries. We can expect the public to fail to grasp the distinction, but on this list "anonymous" is a very strong claim. Anonymity is *HARD* to do, not something that results from failing to check a credential. Bear --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'