[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject




Hi,

As I'm taking my first steps towards ethernal freedom, I just wanted to
try this channel with some questions:

1. Cypherpunk-remailers and multi-identities with preserved anonymity.

What if I use >1 identities and don't want them to be associated with neither
my username nor the other identities?

When my mail leaves the last remailer in direction towards me, 'everyone' has
the opportunity to read my mail. Ok, the mail may be encrypted with my
public-key, but there comes the problem, by beeing encrypted with my pub.key
it is also marked with one of my identities, so by monitoring my mail 
they can connect my 'real' name with pseudonyms I use!

Of course, I can tell the senders to encrypt my mail with a passphrase 
(like PGP -c) before sending it to me, but that don't work in situations like:

 'If you support these opinions, feel free to mail me , using this header and
  this key...'

I guess it's not that smart to tell them 'Oh, and please encrypt my mail with
PGP -c "secret" first!' ???

I may most certainly have overlooked some details about this, but if not,
I would like to have a command in those remailers like:

::
Conventional-encryption-password: 'password'

Which invokes PGP -c 'password' on the rest of the message before sending it
to next adress.

2. Server for Anonymous-headers.

My problem with anonymous-headers (that is reversed chains of PGP-encrypted
adresses for remailers) are that they:
	
	 1) Are too big and ugly,
	 2) Needs common updates as remailers goes down.

Therefor, wouldn't it be nice with servers like the public-keys servers where
you could request the latest header for a pseudonym?

Maybe even be able to mail directly to that server with pseudonym@server...
and get the mail redirected to 'pseudonym'?

3. Protection of remailers.

How are the cypherpunk remailers protected from sec.key-thieves and mail
monitoring?
I mean, their keys can't be protected by passphrases, and they often resides
in multiuser/timesharing systems?

I would certainly make the first attack towards the remailers before trying
brute-force on a 1024-bit RSA-key!


Regards, Henrik