[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RemailerNet
In message <[email protected]> Lance Cottrell writes:
>
> [email protected] writes:
> >Compiling a list of remailers, sure. But if you let the user control
> >how messages are chained, you are inviting real traffic analysis. The
> >user should only be able to specify his destination and the level of
> >security desired.
>
> How do you arrange things so that the remailers choose the path, and
> that if the first remailer is actually a TLA the destination is not
> compromised. I see no means by which any remailer which is not ultimately
> trusted (i.e. owned by me) can be allowed to choose the routing of the
> message packets.
>
> Example: I ask for a five link chain. Link one is NSA controlled. The NSA then
> chains the message through 4 more NSA remailers, and on the final
> destination. The upshot is a total loss of secrecy.
Terms are being used loosely. I was responding to a critique of RemailerNet
v0.1 (RN0.1). In this systems messages are packetized and the packets
routed independently, with the packets reassembled into messages at the
'destination gateway'. User control of packet-level routing would
weaken the system. RN0.2 permits the user to nest messages and to direct
messages to gateways as destinations. This means that messages may be
bounced around in the system, adding some additional security. So the
user can control chaining/routing at the message level, but not at the
packet level.
--
Jim DIxon