...

Let me see if I understand this concept correctly. The remote site would pre-encrypt the transmitted data, so that when received it could be decrypted by the requestor according to his (or a temporarily chosen, to avoid disclosing the actual recipient.) public key, so as to disguise both the material and perhaps also the actual requestor?

Something like that, yes.

As the quote went "It goes something like this...Not *exactly* like this but something...". What netscape does is to receive a signed public key, encrypt the session key, & return *that*. The session is then encrypted with a fast symmetric algo. (RC4-40 Netsape/export, IDEA - PGP). So PGP/scape would do exactly the same thing with trivial changes to the monkey-motion. Now Government approved PGP/BE - something to strive for 8*). warmly, Padgett