[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anonymity: A Modest Proposal

[email protected] (t byfield) writes:

>        Well, when some folks want to circumvent this kind of last-link
>accountability (even if they are the _only_ link), they simply forge their
>headers--so why not incorporate that tactic into the remailer net?

I think a remailer which forged headers would get people even angrier
than one which was up front about what it was doing.  Forging headers is
really considered antisocial by a lot of people on the net.  If you could
do it safely, you wouldn't need remailers.  Since you need them, it's not
safe, hence the message will probably get traced back to the remailer.
This is prima facie evidence to get an account yanked at a lot of places.

>        Also, maybe apropos...It seems to me that there should be a way,
>within the remailer net, to synthesize forged-path strings with the "Human
>ID through insecure channel" remarks you made a few days ago.

The "human ID" thing requires a shared secret at both ends, which isn't
generally practical between a customer and a remailer.  Also, it was
specific to the needs of human minds; if you have a computer and a shared
secret you do a lot better to use DES or IDEA (and let the shared secret
be the key), and even without a shared secret you can use public key
techniques for identification and authentication.  So I don't think the
human ID approach would be relevant here.