1993-03-01 - Re: more ideas on anonymity

Header Data

From: Marc Horowitz <marc@MIT.EDU>
To: cypherpunks@toad.com
Message Hash: e26ec125acf0e8ad36bdda54101048b3aeb6b6c3bdb1e096a8ac9a78546540a0
Message ID: <9303010514.AA05974@deathtongue.MIT.EDU>
Reply To: <9303010240.AA10573@toad.com>
UTC Datetime: 1993-03-01 05:15:28 UTC
Raw Date: Sun, 28 Feb 93 21:15:28 PST

Raw message

From: Marc Horowitz <marc@MIT.EDU>
Date: Sun, 28 Feb 93 21:15:28 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9303010240.AA10573@toad.com>
Message-ID: <9303010514.AA05974@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> One last note about practicality.  We live in a world with pay
>> telephones, which anyone may use to threaten anyone else,
>> anonymously.  Shall we eliminate pay phones?  Today in the United
>> States, a uniformed agent of the government will deliver your
>> anonymous threat to your victims door for only US$0.29.  Shall we
>> eliminate the Postal Service? 

This is different than anonymous remailers currently.  Why?  Because
pay phones and letters *cost* *money*.

So, I have a proposal.  Have someone *sell* signed keys, for real
money.  The only purpose of the signature is so that someone can
verify that it's been paid for.  It can be bought out of band.  For
example, I can email the signing agent my public key, and paper-mail a
money order with no return address.  Maybe in the future, we can just
use digital money.  When he gets my money, he signs my key and sends
it back to me, possibly via some remailer or whatever.

Now, when I send a message via a remailer, the mailer checks to see if
the message has been signed by a key which has been signed by the key
signing agent.  If it has been, then it forwards the mail.  If not, it

Now, here's the trick.  If too many people complain about a particular
sender (see below), the key gets revoked by the signing service.  This
means flooding newsgroups, slander, etc., *costs* *real* *money*.
This is a big encouragement not to abuse the net, because it costs
money.  Perhaps we even have different levels of signing, based on
costs.  Pay $1, and the remailers will let you send to alt groups
only.  Pay $10, and you can send to alt, soc, misc, talk, and some set
of high-traffic, low-signal lists. Pay $100, and you can post
anywhere, including individuals.  These are all example numbers, of

 - People can easily remain pseudonymous.
 - There is a monetary incentive not to be a bonehead.
 - Revocation is possible.  There's no punishing wrongdoers, but
people aren't likely to put much credence behind anonymous claims.
 - This works like the Real World.  People with enough money can
create false identites for themselves, anyway.
 - Remailer owners can choose which signing agents to trust.  Other
than monetary schemes might be able to be set up.  For instance, if
you can get five real, trustable people to vouch for your pseudonym,
you win.  If you screw up, their reputations become tarnished, as

I guess all this is is a positive reputation scheme, bootstrapped by
money, which is more important to some people than reputation, anyway.
I mean, someone willing to go through the bother of spending $10 to
get his key signed is either very bored, or has to have something to

Now, back to complaints.  What constitutes a complaint?  Each
certifier would probably have to decide this on their own.  Some might
choose never to revoke a signature.  Some might do it only after some
number of complaints.  Some might come up with systems of arbitration,
with judges, voting, and everything.  The remailers can vote with
their feet: whichever signing agents match the policies they like,
they trust.  And recipients (like newsgroups, mailing lists, or even
individuals) can choose to accept messages only from remailers they

So, we have a fairly complex system with multiple degrees of freedom,
where endusers can pick and choose from among the policies they like
best.  This is sort of like credit card purchases.  Hertz is willing
to rent me a car based on Visa's evaluation of my creditworthyness.
Similarly, large-public-mailing-list@site.domain can decide to accept
messages from a given remailer, based on their published policies.
Actually dealing with signatures isn't their problem.  It's to the
signing agent's advantage to be trustworthy, or else nobody will pay
attention to his signatures, and nobody will give him money to sign
their keys.  Poof, a free market.

It isn't simple, but I think one thing we can all agree on is that no
solution to these problems we are facing will be both adequate and