remailer@soda (formerly hh@soda) now uses pgp's implementatoin of idea for the encrypted response block function, making it much more secure (i hope). Good stuff. But could you do the limited-use destroy-the-key stuff before you release it please - I'm really dubious about this single key you're using. It destroys confidence in the system completely for me. G