moving on (multiple future forks)

Riad S. Wahby rsw at jfet.org
Tue Aug 23 10:10:02 PDT 2016


Georgi Guninski <guninski at guninski.com> wrote:
> IMHO two or more future lists won't hurt. Everyone can set a
> cypherpunks list (but won't get the past reputation of this one, if any).

This is how cpunks was run from 1997 until mid-2005, when this
became the only node. It was called the CDR (Cypherpunks Distributed
Remailer).

It's a nice idea in theory, but (with all respect) the original
implementation was far from pretty; kudos to Jim Choate and Igor
Chudov for making it work at all :)

In principle it should be pretty straightforward to make a "distributed
mailman" setup work.  The high-level idea is that all the servers
accept messages, and all messages get forwarded to all servers. Then
each server decides based on local policy which messages get delivered
to users. For example, someone might decide they want to run a cpunks
node that's moderated, and the important thing is that only their
subscribers would see the moderated version of the list---subscribers
to another node could get the full feed.

The server-server forwarding stuff is like 10 lines of procmail, and
requires no changes to mailman. The part that gets slightly hairy is
implementing subscriber-only filtering [1]. In a naive setup, every
node needs to know every other node's subscriber list. In addition
to the (completely surmountable but sometimes annoying) issues with
distributed synchronization, this is potentially a privacy concern
for list subscribers.

One step toward fixing this would be for lists to blind their
whitelists. For example, a list could publish a set of SHA256 hashes
of suscriber addresses, or maybe even something more clever, e.g.,
    https://arxiv.org/abs/1412.8356
But this still isn't perfect. For example, when a subscriber sends an
email, each server gets to see which whitelist the subscriber matched
against, which means that servers can keep track over time and build
up a mapping from active posters to home nodes. This might not be
a problem, but it's worth considering whether there's some approach
that would fix this without too much computational overhead.

[1] I understand that there are reasons to have a fully unregulated
    list, but in my view subscriber-only filtering plus whitelisting
    known remailers gives a good balance between ease of posting
    and good SNR. If I recall correctly, the LNE.com CDR node was
    the first to implement this policy, and I followed Eric's lead
    because it was far and away better than what came before it.

-=rsw



More information about the cypherpunks mailing list