Moral Crypto

[Tim May]

On Sunday, September 2, 2001, at 12:26 PM, georgemw at speakeasy.net wrote:

> If the remailer operators decided they wanted to deny "baddies"
> use of their services, they would not only have to unanimously
> agree as to who the "baddies" are, they would also have to deny
> their services in all cases where the client cannot be positovely
> identified.  Neither of which strikes me as being plausible.

If there are many remailers, essentially zero chance.

(Or if one is a remailer oneself.)

The other remailers can theoretically band together as some kind of 
guild and reject packets from "rogue" remailers, but there are numerous 
practical problems. Identifying a "rogue" remailer which "allows" 
packets from "baddies" (e.g, from Mormons, or free speech advocates) 
will not be easy: the guild of do-gooders will only known a rogue packet 
has entered their system if they _trace_ it!  Nearly all "baddie" 
packets exiting the system ("Down with Barney the Dinosaur!" and similar 
evil things) will only be detected--drum roll--when they _exit_ the 
system. Fat chance that N remailers around the world will proactively 
trace packets just so they can burn the Barney critic baddie.

> I stand by my earlier statement.  The fact that you may be
> identifiable at the point of entry to an anonymity system is
> a weakness, not a desired feature, and if it can be avoided, it
> should be.
>

Then design such a system.

"Anyone a remailer, anyone a mint" is one strong approach.


--Tim May