[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

anonymous mail

To: [email protected]
Subject: anonymous mail
From: [email protected]
Date: Tue, 31 Aug 93 14:23:15 -0500
Comments: This message DID NOT originate from the address listed inthe From line. It was remailed by an automated remailing serviceoperating at that address. Please report problems by mailing to<[email protected]> with the subject header of PROBLEM.
Remailed-By: Anonymous <[email protected]>

PEM also reveals who signs messages, even when the message is encrypted.
In other words, if I send you a PGP encrypted message which I also signed,
the signature is hidden under the encryption. You do not know who sent you
the PGP message (assuming a cypherpunks remailer or equivalent was used)
until after you decrypt the first "packet" and gaze inside.

PEM, on the other hand, reveals in the clear who signed the message, outside
of the encrypted portion. Also note that to be PEM compliant, you *must*
always sign your messages. So much for anonymous encrypted messages...

There is something to be said for the PGP encapsulated approach...

Follow-Ups:
- Re: anonymous mail
  - From: Brad Huntting <[email protected]>

Prev by Date: Re: Apple+Clipper
Next by Date: Re: article in Science News
Prev by thread: Re: PGP: question
Next by thread: Re: anonymous mail
Index(es):
- Date
- Thread