From: Richard Childers <rchilder@us.oracle.com>
To: cypherpunks@toad.com
Message Hash: f29646a2190fc67c5526f49f0e3ba24a743163e7d7b4f3a212650e6fcd79a340
Message ID: <9301040426.AA10757@rchilder.us.oracle.com>
Reply To: N/A
UTC Datetime: 1993-01-04 04:28:18 UTC
Raw Date: Sun, 3 Jan 93 20:28:18 PST
From: Richard Childers <rchilder@us.oracle.com>
Date: Sun, 3 Jan 93 20:28:18 PST
To: cypherpunks@toad.com
Subject: Re: A solution remailer signature suppression
Message-ID: <9301040426.AA10757@rchilder.us.oracle.com>
MIME-Version: 1.0
Content-Type: text/plain
"Hugh Daniels said here on Dec 28:
There are very good reasons to build remailers (and all mail
tools) to pass on all the bytes they can, trailing spaces and
.sigs included."
"Hugh doesn't say what these reasons are. They are not obvious to me,
so I must disagree. I've already stated what I think are good reasons
at least for remailers whose purpose is anonymity to remove automatic
sigs which are likley to destroy anonymity."
I can think of a few ...
(1) it's a bad precedent to rewrite contents. one
program's apparent signature could be another
program's data or instruction.
(2) it is unnecessary complexity and falls under
KISS, IE, 'Keep It Simple, Simon'. (-:
(3) It is less robust and portable as a result of
having this additional complexity. ( I use
'portable' not in the conventional compiler-
specific manner, but more to apply to a given
application's usability for future, yet-to-be-
known applications, IE, flexibility. ) In this
respect it fails to conform to requirements
for a good software 'tool'.
It is the user's job to hide his or her identity, but it should not
be the programmer's responsibility to anticipate the user's failure
to think at all. Someone who uses these tools without understanding
the principles upon which they are founded - such as people whom
accept keys from individuals whom are only electronically known -
will quickly founder upon their own, um, state of stupor, and one
should not undertake to protect them from this, as what you are pro-
-tecting them from, in reality, is the opportunity to learn from
their mistakes.
"I've said I would accept either a less ambiguous sig delimiter than
"--" or a remailer option to remove the sig (default) or leave it in."
Until there is a convention, IE, an RFC or ANSI standard for signatures,
it would be unwise to build in any assumption.
I just realized an excellent example. For years, I've been signing
myself ...
-- richard
... such that everything after my name - IE, contact data - would be
trimmed off. Not well thought out ... I have actually seen this in the
case of a few mail servers that rewrite contents ( such as the elec-
-tric vehicles digest, EV-L ).
-- richard
=====
-- richard childers rchilder@us.oracle.com 1 415 506 2411
oracle data center -- unix systems & network administration
"If Life is a drama, then, surely, the hardest parts go to the most skillful."
Return to January 1993
Return to “Richard Childers <rchilder@us.oracle.com>”