[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Future of anonymity (short-term vs. long-term)
> IMHO a remailer operator should *NEVER* reveal any
identities, but I
> also believe very strongly that especially if you provide a
way to post
> news articles, there has to be a way to send replies to the
> sender. Thus a remailer must maintain mapping info.
>I like this. Does it make sense (and has it already been talked
>about?) to preserve the return information only for a limited time?
It could make sense. It would make _practical_ sense in a scheme
like the one I proposed (then amended thanks to John Gilmore's
comments) in which the remailer encrypts the return addresses with a
key that is regularly changed. Just forget the old keys after a
certain amount of time.
(BTW, forget I ever said anything about using timestamps as salt.
The amount of known-plaintext per message is huge if you do that.
Any PRNG would be better. I must have left my brain at home