From: Theodore Ts’o <tytso@Athena.MIT.EDU>
To: pmetzger@shearson.com
Message Hash: 94f7c82db46852de36ee16469480cbc6da8bf820886db9096c9055d3d31d4dca
Message ID: <9303031741.AA19535@SOS>
Reply To: <9303031508.AA26458@maggie.shearson.com>
UTC Datetime: 1993-03-03 17:43:12 UTC
Raw Date: Wed, 3 Mar 93 09:43:12 PST
From: Theodore Ts'o <tytso@Athena.MIT.EDU>
Date: Wed, 3 Mar 93 09:43:12 PST
To: pmetzger@shearson.com
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303031508.AA26458@maggie.shearson.com>
Message-ID: <9303031741.AA19535@SOS>
MIME-Version: 1.0
Content-Type: text/plain
Perry:
You are right that because of the right free speach, it is
impossible to prohibit remailers. However, while I don't believe in
prior restraint; but I do believe in personal responsibility. It is
certainly true that it is possible to construct a remailer service,
using cryptography, such that it would be impossible to trace it back to
the original sender. This class of remailer would generally not provide
a return address mapping feature, since if the remailer can generate a
return path, it can be revealed. There are ways to make it more
difficult to reveal, but they still don't make it impossible. So Julf's
remailer doesn't fall into this category, but ones where the input and
output mappings are destroyed immediately do.
So in this model, how can you provide personal responsibility? Well, I
would argue that the buck should stop at the remailer site. They are
the closest link to the chain of liability, and they have intentionally
performed measures which make it impossible find the next link in the
chain of liability. So, let the liability rest with the remailer site!
Now, I'm not a lawyer, and as far as I know, this legal theory hasn't
been tested in a court. So only time will tell what happens when these
remailers hit the real world.
As far as remailers like Julf's are concerned, I very much like the idea
which Tim Moors suggested --- which is to have some method which the
identity between the input and output address could be revealed. This
provides general anonymity, but one that can be breached when someone
has abused that anonymity, as convicted by a jury of their peers.
Perhaps the way this could be reflected into the "real world" legal
system is that remailers which do keep a mapping between input and
output addresses, and which are willing to reveal them under appropriate
circumstances, would be exempt from being held liable for what comes out
of their remailer.
Perhaps these are not the right sets of tools to be used to provide some
sort of controls over remailers so that the negative effects of these
remailers can be controlled. But it is our responsibility to consider
them, and not just pretend they don't exist. I hope we don't have the
attitude of "Vonce the rockets go up, who cares vere they come down?
That's not my department....."
- Ted
Return to March 1993
Return to “Theodore Ts’o <tytso@Athena.MIT.EDU>”