:: Subject: Re: Pasting in From: -----BEGIN PGP SIGNED MESSAGE----- Sender: Amad3us <cypherpunks@cyberpass.net> Robert Costner says:

It seems to me that the purpose of a remailer is to strip the headers, including the FROM header, not to put in fake headers. Until someone can explain it to me, I'd consider the idea of adding a FROM header to anonymous mail to be asinine.

The purpose of a remailer is to allow the sender to be anonymous, so it strips real headers to prevent accidents (eg. subject fields organization etc). Then it has to allow you to put headers back in otherwise you can't interoperate with software. Eg pasting in References:, Subject: (I would like to see Cc: and Bcc: being allowed to be pasted in also). I would also like to see From: pasted in. In fact I can see no purpose to restrict what can be pasted in, other than to reduce complaints to the remailer operator possibly.

Best I can tell, the only reasonable good purpose for this is to create a persistent nym identity without a reply to capability. Well, remailer software cannot support everything I suppose. (Even if Cracker may apparently support this)

It's easy enough to allow From:. I do it myself sometimes, and notice Nerthus does also, pasting in From fields works at least with Replay as the exit node, but that results in two From fields. My software shows be all headers. I am not sure what other software would do, probably, only display the first From field (the remailers). I would have thought remailers are not actually trying to advertise their From fields. Perhaps allowing bogus From fields, or even putting in remailer@dev.null if there is not a From field would greatly reduce complaints from clueless users. If you want to you can always put in Sender: remailer@anon.efga.org.

I would think the best way to put in a persistent nym capability would be to database the PGP key id's along with the persistent identity. Then the remailer could produce lines like

From: "Monty Cantsin" <anon@anon.efga.org>

That'd do. However you'll notice that my address is: Amad3us <cypherpunks@cyberpass.net> which means that I would like it to be pasted in as it is replyable (for encrypted mail) even though not being a nymserver account.

Persistent identities would be created by sending a signed PGP message that includes both the PGP public key and the persistent identity. Since the identity server would not database email addresses, only PGP key id's, and only work for signed messages, there should be no problem with people worrying about the remailer being compromised. This also keeps someone from stealing another's reputation capital.

Not sure that the assurance is this strong. However the feature would be useful. Amad3us -----BEGIN PGP SIGNATURE----- Version: 6.6.6 iQCVAwUBNIKq4PKMuKFNFivhAQGvpwP9HnkWew9lSzQ5cj70UehLkopbLJr7YFSq S5ZJzPp2KuYqVpjs7Lyagg0WtFyX9UUFFCXuWemhjJNLAmqQP7fkAnxs1Epq4LTj cd+qn3Y58EQlyQAlFwF/l7bUedWVwcxIkVmR5PxkwG3LTMzYHGLSIuhF6gqanSv0 EyjvkXIw/as= =fbA1 -----END PGP SIGNATURE-----