From: hfinney@shell.portal.com
Date: Thu, 26 Aug 93 22:22:41 PDT
To: cypherpunks@toad.com
Subject: Attacks on remailers
Message-ID: <9308270511.AA25634@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: b44729@achilles.ctd.anl.gov (Samuel Pigg)

> On the user side, I think a good tool to augment this would be a
> mailer program which kept a list of the functioning remailers with
> keys, and randomly selected a route through them using a random
> (reasonable) number of hops, and performing the necessary nested
> encryptions.  Then it could start the remailer hopping process via
> special socket connection to the first remailer in the chain.

This seems like a good idea.  Note that on the ftp site there are scripts
and a program which will set up a chained remailing if you are willing
to type in the names or numbers of the remailers to use.  Extending
these to use a random route or set of hops would not be a major job.

> Perhaps a protocol could be worked out for the mailer program to
> request from any one of the remailers a current list of the
> functioning remailers? (in an effort to transparentize the process
> some more, as manually maintaining a list of current remailers would
> be tedious.)

More and more I think this would be a good idea.  People are always
complaining about temporary "down time" among the remailers.  Perhaps
someone could run a service which would run every night, ping all the
remailers, and keep a file with a list of those remailers which have
responded in the last 24 hours.  This file could be made available by
finger, ftp, or some other method.  Perhaps someone could volunteer to
write such a beast?  This is another project that seems doable in a
moderate amount of time.

Putting these two together, as Sam suggests, would produce a more robust
and convenient way of using the remailers.

Nice ideas, Sam.

Hal Finney
hfinney@shell.portal.com