1994-08-06 - Re: RemailerNet

Header Data

From: Adam Shostack <adam@bwh.harvard.edu>
To: jdd@aiki.demon.co.uk
Message Hash: 4614c3fe07df3fcc077278bd5d233d1c1c34fb6f37260828d7ed326c30f8f259
Message ID: <199408061739.NAA05213@bwh.harvard.edu>
Reply To: <4068@aiki.demon.co.uk>
UTC Datetime: 1994-08-06 17:39:12 UTC
Raw Date: Sat, 6 Aug 94 10:39:12 PDT

Raw message

From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sat, 6 Aug 94 10:39:12 PDT
To: jdd@aiki.demon.co.uk
Subject: Re:  RemailerNet
In-Reply-To: <4068@aiki.demon.co.uk>
Message-ID: <199408061739.NAA05213@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jim Dixon:

| In message <199408051528.LAA18523@cs.oberlin.edu> Jonathan Rochkind writes:

| > You seem to be talking about a Julf-style anon system, where the system
| > knows who you really are. If the system is corrupt, if Julf were an 
| > NSA agent, then the entire system is compromised and useless.
| 
| If you are using unmodified Internet hardware and TCP/IP as the underlying
| transport system, then your point of entry into a remailer network
| definitely knows which machine is originating a message and the point
| of exit definitely knows where it is going.

	IP is not reliable & trustworthy.  If it was, RFC931 ident
servers would be useful. ;)  There's source routing to make packets
appear to come from someplace else, and there is outright forgery,
which has limits, but can work quite well.

	For a good discussion of some of TCP/IP's reliability &
trustworthiness, see Steve Bellovin's paper,
research.att.com:/dist/internet_security/ipext.ps.Z

	An aside: Does anyone care to share thoughts on IPng's
security features?


Adam

-- 
Adam Shostack 				       adam@bwh.harvard.edu

Politics.  From the Greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.





