[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Improved remailer reordering



In message <[email protected]> Hal writes:
> >You need not pass over the 'flaw of lack of message quantization in
> >the final sending'.  Someone running a private high security gateway,
> >an "empowered user", participates in the same way as the other RemailerNet
> >gateways, and there is in fact no way to determine even whether he is
> >sending or receiving, or in fact whether he is doing anything at all.
> >He may be just sending and receiving noise packets.
> 
> >Users accessing the net using low security versions of the software do
> >have less security, but that is a consequence of their use of low
> >security software.
> 
> I could see this would come up in Jim's description.  Who exactly are these
> "empowered users"?  And how much security do the second-class citizens ac-
> tually get?  Will it work for everyone to become "empowered", or are there
> scaling problems in terms of bandwidth?
> 
> It seems to me that the most sensible approach is to make message fragmen-
> tation into standard-sized packets, along with reassembly, be at the
> end user site.  This way everyone becomes a first-class citizen.

I think that you want at least three levels in this system, with
increasingly strong requirements as you go up the levels and
(necessarily) increasingly weak security as you go down.  You
should be able to pop messages into the system from any terminal
anywhere, just using ordinary email.  But you should also be able to
casually dump a few hundred megabytes into the system without making
too big a splash, if you have the right equipment.

Ideally, the empowered user's (your term, yes?) system is functionally
a gateway, but it has a nice front end on it, something like Mosaic.
It is probably a single user system with a RemailerNet interface bolted
on to it; it probably runs under Windows; it may even be a modified
version of Mosaic.

The system at the next level up is a workhorse.  Its user interface
would be a system manager's, designed to show him how traffic is
flowing, highlighting bottlenecks, etc.  It would be designed to run
automatically.
-- 
Jim Dixon