mail-ng
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Why are we here? What are our goals?

2004-01-29 21:42:15
from [Eric A. Hall] [Permanent Link] 


On 1/29/2004 7:56 PM, Paul Lambert wrote:


Anonymous mail is a valuable service that should be provided by this
effort and not designed away in our fervor to eliminate spam.

  -- support for anonymous transport and anonymous headers 


I'm not exactly sure what it is that you're afraid of losing, but human
anonymity is a function of the identifier-user mapping, and has nothing to
do with the identifier itself. If you want to provide anonymity, all you
really need to do is obscure the mapping and/or the user. It's also
possible to obscure the identifier itself through one-time use. But in any
event, it's entirely possible to have unspoofable identifiers that are
also entirely anonymous at the same time.

For example, you used PaulLambert(_at_)AirgoNetworks(_dot_)Com as the 
identifier for
your message, and have also provided human identity mapping via your name
and so forth. You could just as easily used a yahoo.com identifier,
provided false or incomplete information, and then never use that
identifier again. The only thing the transport would ever need to care
about is that the identifier could be verified as valid (demonstrating
that the sender was authorized to use it), which has absolutely nothing
whatsoever to do with the human identity behind the identifier. In fact,
it would be entirely feasible to generate and use brand-new, one-time
identifiers for each and every message to achieve complete anonymity.

Remailers could extend on that with dump-and-pump sinks that absorb mail
on input and generate one-time identitifies on output. The only thing the
recipients could tell was that the messages came from that remailer, and
that the sender was authorized by the remailer to use the identifier they
presented, but nothing more.

None of this has anything whatsoever to do with anonymity. There is no
need or reason to allow for spoofing when anonymity can be retained in
tighter models.

The only real limits to anonymity are laws that require otherwise.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [mail-ng] Anonimity and cost [was] Re: Why are we here? What are our goals?, Hector Santos
Next by Date:  Re: Why are we here? What are our goals?, Len Sassaman
Previous by Thread:  Re: Why are we here? What are our goals?, Lyndon Nerenberg
Next by Thread:  Re: Why are we here? What are our goals?, Chuq Von Rospach
Indexes:  [Date] [Thread] [Top] [All Lists]