From: "DrZaphod" <ncselxsi!drzaphod@ncselxsi.netcom.com>
Date: Sun, 20 Dec 92 09:54:49 PST
To: CypherPunks@Toad.Com
Subject: Avoiding snags in the Law : Remailers.
Message-ID: <24020.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain


In Message 19 Dec 92 19:45:33 EST,
  Hal <CompuServe.COM!74076.1041@netcomsv.netcom.com> writes:

>I suspect that instead the approach would be to claim that remailer
>operators are responsible for the material their remailers produce,
>regardless of its original source.

>Such a policy would be a plausible extension of current Internet
>policies, IMO.  RFC 822, the document which describes the format of
>Internet mail message, in session 4.4.2 discusses the "Sender:" field,
>and says, "Since the critical function served by the 'Sender' field
>is identification of the agent responsible for sending mail and
>since computer programs cannot be held accountable for their behavior,
>it is strongly recommended that when a computer program generates a
>message, the HUMAN who is responsible for that program be referenced
>as part of the 'Sender' field mailbox specification."  [Capitalization
>in the original.]  The need for a person to take responsibility for
>each piece of mail that is sent would tend to lead to the policy
>I mentioned.
>

     Perhaps the solution to this is to run encrypted remailers,
anonymously.  The remailer could either run on it's own, or under
instructions by an anonymous source [i.e PGPed instructions and software
updates signed by the owner who has created a second key for his identity
of remailer operator [Let's call him Oz].

Example:

         Joe creates an account on a random system, installing the nessicary
         software to run a PGP remailer.  This software would be modified to
         accept instructions from a specific anonymous identity, for which
         Joe creates one, leaving the public key with the remailer.  The
         remailer also has it's own key pair to decrypt and forward messages
         [of course].

         People could now route their messages through Joe's remailer to
         anywhere they wish.  The remailer should be set up to NOT keeps
         logs, except errors.

         Now Joe decides he wants to update his remailer with the latest
         scripts.  He mails te scripts [thru various remailers], encrpyted
         with the remailers key and signed by Oz's key.  The remailer
         decrypts the mail, verifies that it belongs to Oz, and updates
         itself.

In this way no person can be held responsible for mail passing thru it's
remailer.  The only way to stop such a remailer would be to downright shut
it down, or to communicate to Oz via the remailer [the scripts would allow
Oz to pick up any mail left directly to the remailer withour a forwarding
header -- of course it would reroute the messages, encrypted, thru various
other well-known remailers].

TTFN!

DrZaphod
[AC/DC] / [DnA][HP]
[drzaphod@ncselxsi.uucp]
Technicolorized