[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


I think the remailing idea expressed via Tim (from David?) had
some nice features.  It would be very easy to do replies to someone
whom you didn't know but from whom you'd received some anonymous mail.
As I understand it, if I send mail anonymously to David, he won't
(of course) know who sent it.  If he replies, the mail will bounce
back to the forwarder.  And the forwarder has remembered my forwarding
request so that it can send the reply back to me.  After that it
deletes the remembered forwarding request for security.

I wouldn't object to this that much on security grounds; as David
pointed out, even a full implementation of Chaum's "mix" remailer
would fall to infiltration.  Instead, I think there are some issues
involving usability.

For one thing, it sounds like this system is use-once as far as the
anonymous return address.  If David replied to me, then thought of
something he wanted to add, his second message wouldn't get through to

Another problem is, what if two people send anonymous mail to David
via the same forwarder.  Then, when he replies, how does the forwarder
know which of the two to forward the reply to?

It's also asymmetric, in that it will only work if one of the two
communicants knows the true address of the other.  A lot of the
interesting features of Tim's "crypto anarchy" only arise if
people can communicate without either one knowing the other's true

Let me mention a couple of other ideas which I've heard of for anonymous
return addresses.  One idea was posted several months ago on the
Extropians list by Eric Messick.  (Is he on this list?)  It used
a "pseudonym-based post office box".  You would send a message to
a remailing server saying, "Please save mail addressed to pseudonym
XYZ123.  I will pick it up later.  Here is the public key I will
use to authorize the pick-up, and here is some digital cash to
pay for your trouble.  Thank you."  Then you send mail anonymously
giving [email protected] as your return address.  This mail
stacks up at the remailer which saves it for you.  At some later
date you send a signed message to the remailer saying, "OK, send XYZ123's
mail to [email protected]"

Eric Hughes had an idea which was somewhat like this but without
the delay aspect.  You would just set up an account with a remailer
whereby all mail to XYZ123 would be forwarded to yourself.  Then
[email protected] would be your return address.  This could include
David's idea if you asked the server to delete your pseudonym after
using it once.

All of these anonymous return address proposals can be enhanced by
using a cascade or chain of remailers for your A.R.A.

Chaum's "mix" remailer would save up a batch of cryptographically
protected messages, decrypt them, rearrange their order randomly, then
send them out.  This way if the remailer itself is secure but the
network connections to it are being monitored, the correspondance
between incoming and outgoing messages is lost.  The other ARA
suggestions could also benefit from this enhancement.

Chaum's idea for an anonymous return address was a somewhat more
complicated form of the ARA I've implemented for my remailer.  My
ARA is simply a forwarding instruction, encrypted with the public
key of the remailer.  The advantage of this system is that you don't
have to "register" with the remailer(s) in advance.  It's less
convenient than the other proposals, though, and there is the danger
that the public key(s) of the remailer(s) involved would be revealed
at some time in the future, which would then reveal that that old ARA
really was you.

[email protected]