[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Message Havens, gopherholes
-----BEGIN PGP SIGNED MESSAGE-----
Okay, I think the discussion has forked somewhere along the way to
"gopherholes" and "message havens". While I described the message
havens, maybe I didn't do so clearly (after all, it's all worked out
in my mind!) and I may be overlooking something a fresh perspective
will see.
But, the advantages of a message haven are:
* it doesn't send mail, thus eliminating what are the strongest
objections to anonymous mail - you can't harrass somebody
* it doesn't require you to tell it what messages you want to retrieve
* it doesn't keep a list of pseudonym and true identity mappings,
which seems to be required for "gopherhole" operation
* it doesn't even need to have a public key: you and your partner can
use each other's keys, and in every response to a message, you can
specify what to name the next message, and even include a brand new
public key if you want, etc.
* if you retreive all the messages, the haven can't figure out who you
are communicating with (actually, it can't figure out who is
communicating with you)
Now, about gopherholes:
[description of how randomization and tag changes will make it hard to
associate pseudonyms and true names]
> Yeah, it certainly isn't trivial to attack. However, I'd like to
Unless I missed something, you have to tell the "gopherhole" what
messages you want to receive. This allows the goperhole to associate
your psuedonym and true identity.
More comments! About message havens and gopherholes. Nice to see
some crypto being discussed ;)
Karl Barrus
[email protected]
-----BEGIN PGP SIGNATURE-----
Version: 2.3a
iQCVAgUBLdMGfYOA7OpLWtYzAQHT2gP9GEpOePu8gUp/u4E37pWF8WhkyFaGwpqw
nAkpqhanf8gCOsvPRhk4lvwETZ20hoCRzgR2bZzIq4F4bgtvx659bbElNBZv8kKu
5xYlMm+cV3MCwwTYXaBz7ItIl8ZC6rfQLdc2LAXhvJvjdaxHTpDeySN5l1gTdCII
j9SQvUGYG1w=
=/NkS
-----END PGP SIGNATURE-----