1994-12-01 - Re: We are ALL guests (except Eric)

Header Data

From: cactus@bb.hks.net (L. Todd Masco)
To: cypherpunks@toad.com
Message Hash: b78f23fd0e9fab3f44af91722bcd48ebef4b6a5da53c64333c73d62c85bc91b2
Message ID: <3bj4m6$r4a@bb.hks.net>
Reply To: <199412010010.QAA11906@largo.remailer.net>
UTC Datetime: 1994-12-01 00:12:43 UTC
Raw Date: Wed, 30 Nov 94 16:12:43 PST

Raw message

From: cactus@bb.hks.net (L. Todd Masco)
Date: Wed, 30 Nov 94 16:12:43 PST
To: cypherpunks@toad.com
Subject: Re: We are ALL guests (except Eric)
In-Reply-To: <199412010010.QAA11906@largo.remailer.net>
Message-ID: <3bj4m6$r4a@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


In article <199412010010.QAA11906@largo.remailer.net>,
Eric Hughes <eric@remailer.net> wrote:
>Todd's good discussion of social lists addresses well some of the
>social aspects of a decision to modify the server to do something.

Thank you!  At least I've gotten _something_ out of too many years of
flamewars...

What makes this a difficult issue to call (for me) is that you have
partial authority as an "original founder," a much more persuasive position
than the bureaucratical "list maintainer" status.  So, I retreat to a
(much more comfortable) pragmatist stance that you might be able
to pull it off, you might not.

I'm not (usually) an absolutist: if you decide to do something, I'll deal.

>   I'll make a prediction: requiring digital signatures will annoy most 
>   those people who are independant and don't care to be told that they
>   should at least ostensibly provide a strong identity/posting mapping.
>
>1. Independence.  Higher levels of richness (and I mean much more than
>wealth) require higher levels of interaction.  There is a qualitative
>difference between, on one hand, violence and coercion and, on the
>other, inducements and interactions.  Both can reduce independence.
>Then again I don't feel that liberty and independence are what I
>desire most.

I think the question is not whether you desire liberty and independence
but whether you desire the company of those who value liberty and
independence strongly enough to abandon this forum at the slightest
perceived breach of their autonomy.  This is an altogether different
question that has to do with communicated respect for where other people
draw their own ideological lines.  

Tim's come out strongly against the proposal, as has James.  As far
as I can see, Tim's the only one that's raised the stakes to the
ultimatum, "Do it and I leave" (although it's not clear whether he means
the rejection or the slowdown of unsigned posts, and whether he'd instead
decide to use an auto-signing service.  Tim?)

I think that you'll probably be able to pull off some compromise: the
one that I like most is that of an independent agent or two, automatically
checking all signatures and occasionally admonishing those who don't
use them.  The former would even be a valuable tool with far wider
application than cypherpunks, esp. if written such that it could be
used on newsgroups or even over NNTP.

The thing that's particularly alluring about the independent agent idea
is that you don't have to (ab?)use your position as list maintainer to
implement it, thus sidestepping questions from others about whether you
have any sort of responsibility to subscribers and/or authority to decide
or to avoid enforcing how the people known as "cypherpunks" will interact.

>Apropos of one-time use keys, will PGP function properly on a 20 bit
>modulus?  Another non-key would be to generate a short key and post
>both public and private halves.

It's not clear to me;  I'll have to hack some PGP code to generate one, as
PGP forces a minimum of a 384 bit modulus at key generation time.  I'll
probably see how well it works with a 4 or 5 bit modulus: it'd be nice to
be able to feasably break the key by hand as an exercise, to underscore
the unreliability of the signing agent's signatures.

>   as I suggested last night, such a list address could be set to
>   automatically sign all posts
>
>Why do I suspect that such a service will be available at
>cypherpunks@hks.net?  I don't mind; I think it would be useful service
>and entirely compatible with what I want to accomplish.

I actually hadn't been strongly advocating or offering such a service:
this discussion has just tapped into several issues that I've been
interested in for years, especially having to do with the interactions
of technologically powerful peers.

At this point, I don't have much of a strong feeling about signing stuff,
since I've been thinking of setting up some automatic stuff on my private
Amiga UNIX box.  Signing c'punks posts is a pain, though, since I read
news (incl. cypherpunks) on a non-private machine (IE, other people have
accounts on it).

OTOH, it sounds like a fun hack to do and I've been working on automatic
mail agents, so it should be simple at this point.  OTGH, pgp is a bigger
cycle-sucker than I necessary want to have running all the time on our
poor little microVAXen.  If I can get it to deal with smaller keys, then
I'll probably do it soon (what the hell).  Otherwise, I'll have to wait
until my own crypto package (which I described to a deafening silence
months ago) is ready.
-- 
Todd Masco     | "Roam home to a dome, Where Georgian and Gothic once stood
cactus@hks.net |  Now chemical bonds alone guard our blond(e)s,
cactus@bb.com  |  And even the plumbing looks good."  - B Fuller





Thread