[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Solid Foundations



At 9:57 PM 9/2/96, lcs Remailer Administrator wrote:

>Well, I just designed a nymserver that's probably more complicated and
>difficult to use than any previous one.  From this experience, I have
>concluded that if you want to design a remailer with real security (as
>opposed to a penet-style server), it just won't be easy to use that
>remailer manually.  Even alpha.c2.org was kind of a pain to use
>manually.  I therefore think in the long run it's better to bite the
>bullet, write as secure a nym server as possible, and expect that
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>people will use special client software to use the remailer.

I strongly agree. It's very important that _foundations_ be as robust and
strong as possible. Then on top of this foundation, other layers can be
added without the whole structure tumbling down when flaws in the
underlying protocols are discovered.

This has been one of my pet theories for a long time. Not just the fairly
obvious point that foundations need to be robust, but the specific point
that one of the strengths of PGP was that it dealt with *text blocks*.
Though we all want integration into our favorite programs, by building PGP
around a text block there were several advantages. First, a simpler problem
than trying to deal with n different programs. Second, a text block has
fewer places for flaws to creep in. Third, platform independence. Fourth,
any editor or other program that can access text can potentially be used
with PGP. Fifth, separating crypto functions from other functions is good,
orthogonal, method-oriented design. Sixth, this allows drop-in replacements
(where "hooks" are used.)

(To understand why these points are so important, one needs to look at
programs which integrate crypto directly...independent verification is
harder to do, bugs may be less apparent, and delays in supporting other
platforms (if ever) are likely, etc..)

--Tim May



We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."