Anonymity: A Modest Proposal

[Richard Martin]

On Oct 18,  4:15pm, s1018954 at aix2.uottawa.ca wrote:
> If I posted
> pirated software from this account, according to what you're saying, I could
> claim a forgery and show reasonable doubt.

Without an author-certification mechanism in place, you can always
claim forgery. In this case, to show reasonable doubt you would probably
have to prove that some one else would have a motive for forging it in
the first place.

This is one place where importance of digital signatures can be very
strong. *If* we were all wonderful little cypher-junkies and signed
everything, then we might plausibly be able to deny forged mail: "I
sign everything I ever send, it's hardcoded into my mailer, that
didn't come from me..."

As it is, in most cases we run on trust, except where we're deliberately
trying to make certain that matters are not modified or we're trying to
make things a matter of record. [Checksums of binaries, for example,
or press releases on controversial topics.]

I'm looking forward to the point where my mail reader will sort things
according to reputations I give correspondents, and perhaps flag mail
which deviates from the norm for each correspondent. [e.g., if Tim May
signs something, it's probably pretty severe. If a pgp-fanatic doesn't,
something might be up...]

I'm also looking forward to the point where I can be on a mailing list
where folks look at the first line of my .sig and say, "this is being
written by an individual" and I don't have to worry about them thinking
I speak for organisations. [Which one would I be speaking for? Shad
Valley 1992?]

richard

--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin at aw.sgi.com/g4frodo at cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992