[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MAIL: anon mailing list



	I'm sorry if I missed the beginning of the thread and am
off-topic:

	(but I may as well promote what I've written anyway =)

	The blind anonymous server that I've written which is running
on omega.c2.org can facilitate the creation of a mailing list for
which all the members are anonymous. The maintainer of the list merely
needs to create an "identity" for the list and add as "paths" back to
the identity encrypted blocks pointing to the people who are
subscribed to the list. (Thus the maintainer of the list doesn't need
to know the email addresses of people subscribed..)
	Mail sent to the list can just be sent to the identity's alias
at omega.c2.org, and if the "spraymode" option is on then mail will go
out to everyone on the list.
	See http://www.c2.org/services/blindserver.html for more
information.

> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> > Has anyone tried to write some mailing list software that uses
> > PGP-anon-remailers to implement a double-blind anon system?
>  
> > a standard mailing list. But has this already been done? It seems
> > like such an obvious idea, that it's hard to believe no one has
> > thought of it first, but I haven't heard of anything so far. Comments?
> 
> Well, Hal Finney offered a service by which people could subscribe to
> an encrypted version of this list... which is something similar.
> 
> Say somebody wants to run a mailing list as you propose.  I think they
> should just run the list at the same address unless the remailers can
> suitably pad, delay, and randomize incoming messages and redirect them
> to the true list site (but then delay and randomization may lead to
> loss of coherency on the list ;).  If not, surely external observation
> of the contact point will show where all the messages are headed.
> 
> The resources needed would be higher than a normal list since each
> incoming message would need to be checked for a digital signature (or
> the list could become victim to an anonymous mail bomber, and you
> can't filter out anonymous remailers since of course everybody is
> using them to submit posts!), encrypted to every other member, and
> remailed.
> 
> Which isn't to say impossible, just maybe impractical for a large
> mailing list.  Take this list, with say 500 members - every incoming
> post digitally signed and arriving via anonymous remailer, and upon
> arrival, checked for a valid signature, encrypted with the public keys
> of the pseudonyms subscribing to the list;), and remailed out...
> 
> This may work if you have a small group of people dedicated to this
> setup, but otherwise, no go.  I mean, most people on this list don't
> even sign their posts, most don't submit via anonymous remailer, etc.
> It would take much work to make it convenient enough to do this.
> 
> I think a higher priority is finding the bug that keeps unsubscribing
> everybody ;)
> 
> Karl Barrus
> [email protected]
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
> 
> iQCVAgUBLgTdeMSF/V8IjI8hAQHeTwQAjDPXzJgrwubLkxq0Kz6ETM7chR4Ci5kG
> XbzWrFc3jwT57xpOfHIeeTTWn73Sls7C5UsFAT1sE4hxHRZO2HG6a7psLRa5/82V
> bhjnW+6KMOByCZb01h4b0toVR+7vF22EzPME0lnlsW+SjBqlAcNYPb+rSnjbnahG
> g9zzaCL6nJ8=
> =1WIZ
> -----END PGP SIGNATURE-----
> 
> -- 
> Karl L. Barrus: [email protected]         
> 2.3: 5AD633;   D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32 
> 2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5  E8 97 64 7E 20 95 60 D9
> "One man's mnemonic is another man's cryptography" - K. Cooper
> 


-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-841-0909
http://www.c2.org (or login as "guest")			[email protected]