[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Future of anonymity (short-term vs. long-term)

>	 IMHO a remailer operator should *NEVER* reveal any  
identities, but I
>	 also believe very strongly that especially if you provide a  
way to post
>	 news articles, there has to be a way to send replies to the  
>	 sender. Thus a remailer must maintain mapping info.

>I like this.  Does it make sense (and has it already been talked
>about?) to preserve the return information only for a limited time?

It could make sense.  It would make _practical_ sense in a scheme  
like the one I proposed (then amended thanks to John Gilmore's  
comments) in which the remailer encrypts the return addresses with a  
key that is regularly changed.  Just forget the old keys after a  
certain amount of time.   

(BTW, forget I ever said anything about using timestamps as salt.   
The amount of known-plaintext per message is huge if you do that.   
Any PRNG would be better.  I must have left my brain at home