-----BEGIN PGP SIGNED MESSAGE----- From: mjr@netcom.com (Matthew Rapaport)

...

I think the lesson is that this process of automatic alias assignment may not be the best way to handle things... look at all the problems Karl ran into.

If I understand Karl right, he got this cascade of aliases because he tried to talk to HIMSELF through different accounts/aliases at alternate ends of the chain. Since no one would want to do that (other than to test things) normally, this wouldn't be a problem.

My understanding was that everyone who tried to talk to him would get two aliases assigned automatically. Karl made the problem worse by talking to himself from two different addresses, but you're still talking about a lot of aliases.

...

I still lean towards the idea of a "constructed" anonymous address, where I decide ahead of time which remailers I'll use, and in what order.

But I already *do* control the order of use for MY mail, that means stuff I send out and stuff people send to me in DIRECT reply to my stuff. There is nothing to stop someone from sending to my id on pax say through a first remailer of their own choice, provided they originate the mail (i.e. a REPLY is not equivalent to ORIGINAL mail in this case).

OK, so you can set up an anonymous address which, say, goes through pax and then penet and then to you. If someone replies to that address, they will be anonymous to you, by default; their anonymous address will go through penet and then pax. But if they didn't want that anonymous address, they could use one of their own (say, rebma to soda to themselves) first, then go to your address. Now when you reply to them, I guess your message will go through penet, then pax, then rebma, then soda, then to them. My feeling was it would be better if they could put a Reply-To: into the message that just meant to go to rebma then to soda to themselves, and get that Reply-To: to go through the pax-to-penet chain to you. Also, they would not get anonymous ID's assigned by penet and pax, ideally. Instead, you would reply to them using this Reply-To address and go through just rebma and soda to get to them. This will be simpler and faster than having all messages go through the union of both communicant's anonymous address chains.

As for picking my own alias, this sounds appealing but is actually much weaker then a randomly assigned one. Besides that, it could be an administrative nightmare for the sysadmins on the aliasing systems.

I wasn't really talking about picking my own alias. It is more a matter of having a straightforward way to construct an anonymous address that goes through the specific chain of systems that I choose. Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK05Wa6gTA69YIUw3AQFy+QP/RAepMQETJWqM7szQ9ID0TAgrIvQc8ArH MX6S14lzb492skAIathLYllfyhN2TTO/gN+lCC4lvnzs9UOLJ2rlNzFxT8geV1yx MxKKzIZ39tMmyCXHx2cnH7ySHMoEVzp5TqXqQhEbmqn0k6c7hoL+sz6l43/g6rPL g++F+kRs2nQ= =0OfU -----END PGP SIGNATURE----- Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM