-----BEGIN PGP SIGNED MESSAGE----- From: Nathan Zook <nzook@bga.com>
I agree that it is to our advantage to minimize the cooperation between remailers, for the following reasons: [...] But there is a major difference between active cooperation and agreeing to a standard. Active cooperation is just that--something which cannot be automated, or which involves automated judgement decisions. I claim that my ideas are merely standards. A standard which might even be extendable into the dominions of a hostile government.
I see your point. I tend to have something of a knee-jerk reaction against proposals which put more responsibility into the hands of the remailer operators, but as you say the mere promulgation of a standard does not in itself require cooperation. We have de-facto standards right now, which is what makes chaining possible. And from the technical point of view, the idea of remailers encrypting between themselves seems to do no harm and could possibly make the attacker's job potentially more difficult by reducing the amount of information he has available. One problem is that one remailer may not know about all of the others. So to the extent that your proposal requires a registry of remailers, a centralized service which keeps track of all remailers, I still have a problem. This is where my vision departs from those who see the "remailer net" as an entity, and for whom the notion that remailers would treat messages to each other specially is a natural assumption. If you would suggest that at each stage the message included not only the address of the next remailer, along with the "payload" which was already encrypted (by the sender) for that remailer, but in addition a key for that remailer and a request to encrypt under that key, then I would feel much better about it. This way there is no need for the remailer to know anything about whom it is sending to. Likewise if we wanted to specify in the standard that messages could be signed, that also would not imply collusion. However to specify that signatures must be checked would have some implications about acquiring the necessary public keys through some means, and I don't think that should be done. I do like the idea of standards. In fact I wonder if the current "mark 1" remailer command set shouldn't be documented as an Internet RFC. It has been in use for a couple of years now, evolving somewhat over that time, and some twenty or thirty remailers have operated for some part of that time following that spec. It would also give a certain amount of (undeserved, perhaps) respectability to remailer operators if there were an actual numbered RFC which they were following. And it does seem to me that this kind of thing is exactly what the RFC's are for. Certainly there are a great many "minor" RFC's which are less followed than our remailer standards. Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLzZTfBnMLJtOy9MBAQFsRwIA4A5EzFZwJdEmSvcfMmnu+RCAEGYK56dg y2LBawLdYn5FNcnvH6YkfCMHIcWURm1b6emEsw32FVH2m6ScAAH/iQ== =F2+s -----END PGP SIGNATURE-----
From: Hal <hfinney@shell.portal.com> I do like the idea of standards. In fact I wonder if the current "mark 1" remailer command set shouldn't be documented as an Internet RFC. If an RFC is issued, I personally would like to clean up the syntax and get the remailer operators to upgrade accordingly. In particular, I chose Request-Remailing-To: as a purposefully obtuse experimental name. It deserves to die. My preferences are for the following: Anon-Send-To: for anonymized email Send-To: for normal forwarded email Anon-Post-To: for anonymized Usenet posting Post-To: for a regular mail-to-Usenet gateway I want to capture the distinction between Usenet and email as well as to support plain forwarding of text for people with connectivity problems. Eric
Eric says:
If an RFC is issued, I personally would like to clean up the syntax and get the remailer operators to upgrade accordingly.
In particular, I chose Request-Remailing-To: as a purposefully obtuse experimental name. It deserves to die.
I'd say that it would work far better if things were changed to MIME formats. You would send a message by recursively encapsulating your message to be remailed inside a MIME message. Simple and clean... Perry
Eric says:
In particular, I chose Request-Remailing-To: as a purposefully obtuse experimental name. It deserves to die.
From: "Perry E. Metzger" <perry@imsi.com> I'd say that it would work far better if things were changed to MIME formats. You would send a message by recursively encapsulating your message to be remailed inside a MIME message. Simple and clean... That's fine. I like MIME, but the issue is cleaning up the existing remailers, none of which use MIME, and the chaining scripts, none of which do either. Getting everybody to support Anon-Send-To: in addition to Request-Remailing-To: is a very simple and straightforward fix for an acknowledged syntactic inanity. Eric
Date: Mon, 06 Feb 1995 15:43:46 -0500 From: "Perry E. Metzger" <perry@imsi.com> I'd say that it would work far better if things were changed to MIME formats. You would send a message by recursively encapsulating your message to be remailed inside a MIME message. Simple and clean... Personally, I vastly prefer that things that can be handled with header lines be handled that way. MIME may be general and handle messages with mixed data, but the Big-Ugly-Block style that everything seems to be moving to is, well, overly big and overly ugly. When the data in a message is of a single type, adding all of this ugly MIME bulk is neither simple nor clean. It's artificial complexity and needless blecherousness. Recursive encapsulation needn't affect how any particular level looks. Rick
I would think that MIME support would be extremely important to some of the overall goals of the remailer net, i.e. popularity and off-shore remailers. Now, I'm not that familiar with MIME, but I believe it has much better support (that is, it has some) for the extended character sets that are needed for many languages. The remailers as the stand today, are great as long as you don't want to send a message in Chinese, Russian, etc. As far as RFCs, I think documenting the current remailer system then the new version is a good idea. The current system can be done now, done faster, and provide a better understanding for others who can then add to the discussion for the next version. -- America - a country so rich and so strong we can reward the lazy and punish the productive and still survive (so far) Don Melvin storm@ssnet.com finger for PGP key.
participants (5)
-
eric@remailer.net -
Hal -
Perry E. Metzger -
Rick Busdiecker -
storm@marlin.ssnet.com