Johan Helsingius
julf at penet.FI
Tue Feb 23 01:12:12 PST 1993
> Well, I don't agree that doubleblind is a great idea.
Neither do I. But many of the users of anon.penet.fi are
not very computer-and-email-literate, and they have been using other
services, providing double-blind. Unfortunate, but too late to change now...
What we can do is to provide better ways for those who *are* computer
literate enough to use extra headers etc.
> > Evidentally there is positive harm that can occur by automatically
> > anonymizing all messages which pass through a remailer. ... For
> > anonymous posting and for mail to a non-anonymous address, it's more
> > reasonable to assume that anonymization is desired. ... But when
> > sending a message to an anonymous address, it's not known whether the
> > sender wants to be anonymized or not.
>
> I think it's imperative that the sender use X-Anon-To to be
> pseudonymous. This is consistent with the principle of least
> astonishment.
But in this case I feel the principle of least astonishment is overruled
by the principle of least risk of accidental exposure.
> > Also, I have seen proposals that anonymous ID's should be made less
> > recognizable, so that instead of an5877 at anon.penet.fi we would have
> > joe at serv.uba.edu. In such a situation it might be tedious to
> > scrutinize every email address we send to (via replies, for example)
> > to make sure it isn't a remailer where you have an anonymous ID.
>
> It would be a real boon to make pseudonyms less prominent -- this
> seems to have kicked over a hornet's nest on USENET (even though
> pseudonyms have been quietly in use for years). But were this the
> case, scrutiny would be an understatement.
I think that hornet's nest needed to be kicked. But I am also
disappointed that not enough people defend the need for anonymity in
places like news.admin.policy.
I think pseudonyms *should* be prominent - as you have noticed, anon.penet.fi
adds an explicit warning at the end of every message.
> > All in all, I think some changes need to be made in how anonymous
> > addresses are used and implemented in order to provide reasonable
> > amounts of security.
>
> I agree that more discussion is in order. I'm especially concerned
> about the broader issues regarding anonymity through remailers.
Agree 100%.
Julf
More information about the cypherpunks-legacy
mailing list