From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 1 Dec 1997 22:57:46 +0800
To: cypherpunks@cyberpass.net
Subject: No Subject
Message-ID: <199712011448.PAA26970@basement.replay.com>
MIME-Version: 1.0
Content-Type: text/plain




::
Subject: Re: Pasting in From:

-----BEGIN PGP SIGNED MESSAGE-----

Sender: Amad3us <cypherpunks@cyberpass.net>

Robert Costner says:
> It seems to me that the purpose of a remailer is to strip the headers,
> including the FROM header, not to put in fake headers.  Until someone can
> explain it to me, I'd consider the idea of adding a FROM header to
> anonymous mail to be asinine.

The purpose of a remailer is to allow the sender to be anonymous, so
it strips real headers to prevent accidents (eg. subject fields
organization etc).

Then it has to allow you to put headers back in otherwise you can't
interoperate with software.  Eg pasting in References:, Subject: (I
would like to see Cc: and Bcc: being allowed to be pasted in also).

I would also like to see From: pasted in.  In fact I can see no
purpose to restrict what can be pasted in, other than to reduce
complaints to the remailer operator possibly.

> Best I can tell, the only reasonable good purpose for this is to create a
> persistent nym identity without a reply to capability.  Well, remailer
> software cannot support everything I suppose. (Even if Cracker may
> apparently support this)

It's easy enough to allow From:.  I do it myself sometimes, and notice
Nerthus does also, pasting in From fields works at least with Replay
as the exit node, but that results in two From fields.

My software shows be all headers.  I am not sure what other software
would do, probably, only display the first From field (the remailers).

I would have thought remailers are not actually trying to advertise
their From fields.  Perhaps allowing bogus From fields, or even
putting in remailer@dev.null if there is not a From field would
greatly reduce complaints from clueless users.

If you want to you can always put in Sender: remailer@anon.efga.org.

> I would think the best way to put in a persistent nym capability would be
> to database the PGP key id's along with the persistent identity.  Then the
> remailer could produce lines like
> 
> 	From: "Monty Cantsin" <anon@anon.efga.org>

That'd do.

However you'll notice that my address is:

Amad3us <cypherpunks@cyberpass.net>

which means that I would like it to be pasted in as it is replyable
(for encrypted mail) even though not being a nymserver account.

> Persistent identities would be created by sending a signed PGP message that
> includes both the PGP public key and the persistent identity.  Since the
> identity server would not database email addresses, only PGP key id's, and
> only work for signed messages, there should be no problem with people
> worrying about the remailer being compromised.  This also keeps someone
> from stealing another's reputation capital.

Not sure that the assurance is this strong.  However the feature would
be useful.

Amad3us

-----BEGIN PGP SIGNATURE-----
Version: 6.6.6

iQCVAwUBNIKq4PKMuKFNFivhAQGvpwP9HnkWew9lSzQ5cj70UehLkopbLJr7YFSq
S5ZJzPp2KuYqVpjs7Lyagg0WtFyX9UUFFCXuWemhjJNLAmqQP7fkAnxs1Epq4LTj
cd+qn3Y58EQlyQAlFwF/l7bUedWVwcxIkVmR5PxkwG3LTMzYHGLSIuhF6gqanSv0
EyjvkXIw/as=
=fbA1
-----END PGP SIGNATURE-----