[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A solution remailer signature suppression




"Hugh Daniels said here on Dec 28:
 
    There are very good reasons to build remailers (and all mail
    tools) to pass on all the bytes they can, trailing spaces and
    .sigs included."
 
"Hugh doesn't say what these reasons are.  They are not obvious to me,
 so I must disagree. I've already stated what I think are good reasons
 at least for remailers whose purpose is anonymity to remove automatic
 sigs which are likley to destroy anonymity."

I can think of a few ...

	(1)	it's a bad precedent to rewrite contents. one
		program's apparent signature could be another
		program's data or instruction.

	(2)	it is unnecessary complexity and falls under
		KISS, IE, 'Keep It Simple, Simon'.	(-:

	(3)	It is less robust and portable as a result of
		having this additional complexity. ( I use
		'portable' not in the conventional compiler-
		specific manner, but more to apply to a given
		application's usability for future, yet-to-be-
		known applications, IE, flexibility. ) In this
		respect it fails to conform to requirements
		for a good software 'tool'.

It is the user's job to hide his or her identity, but it should not
be the programmer's responsibility to anticipate the user's failure
to think at all. Someone who uses these tools without understanding
the principles upon which they are founded - such as people whom
accept keys from individuals whom are only electronically known -
will quickly founder upon their own, um, state of stupor, and one
should not undertake to protect them from this, as what you are pro-
-tecting them from, in reality, is the opportunity to learn from
their mistakes.

 
"I've said I would accept either a less ambiguous sig delimiter than
 "--" or a remailer option to remove the sig (default) or leave it in."

Until there is a convention, IE, an RFC or ANSI standard for signatures,
it would be unwise to build in any assumption.

I just realized an excellent example. For years, I've been signing
myself ...

-- richard

... such that everything after my name - IE, contact data - would be
trimmed off. Not well thought out ... I have actually seen this in the
case of a few mail servers that rewrite contents ( such as the elec-
-tric vehicles digest, EV-L ).


-- richard

=====
-- richard childers		[email protected]		1 415 506 2411
         oracle data center  --  unix systems & network administration

 "If Life is a drama, then, surely, the hardest parts go to the most skillful."