[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Beware of anon.penet.fi message!



In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 09:32:54 +0200.
	     <[email protected]>
-----BEGIN PGP SIGNED MESSAGE-----

> >                                                    The problem became
> > apparent to me when I sent pseudonymous mail to a prominent person on
> > this list; his reply exposed his pseudonymous id at anon.penet.fi,
> > surely without his knowledge.
>
> I think this would be fixed by the "X-Anon-Anonymize: no" (or whatever)
> hack. But for reasons I have outlined in the earlier round of
> discussions, it can't be the default. Comments?

If it's not the default behavior, then it will be a recurring problem.

> There has been a lot of discussion about this, and I'm afraid it's too
> late to change the *default* behavior now...

Why?  It seems to me the X-Anon-Password header was a pretty major
change, yet you made that change to preserve people's pseudonymous
identities.  The instant challenge is just as grave, don't you think?

> P.S. In case I forgot to announce it, as you could see from the message
> I'm replying to, PGP stuff doesn't get stripped at anon.penet.fi
> anymore.....

Great stuff.  Thanks.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4o8FfFZTpBW/B35AQFQgwF/QU9NQmgtFKfv+KMoghtSwTL/e8vh3G4b
vwlZy3yWF6D4+LVAnOEcuh0gvxJSNi51
=hD4O
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to [email protected].
Due to the double-blind system, any replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to [email protected].
*IMPORTANT server security update*, mail to [email protected] for details.