From: wcs@anchor.ho.att.com
Date: Wed, 23 Jun 93 11:31:49 PDT
To: cypherpunks@toad.com
Subject: Re: Origin lines in remailers
Message-ID: <9306231830.AA27125@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text


There are several possible solutions to the origin-lines problem, 
but they offer different benefits and place different requirements on the users;
unfortunately there's been no agreement on what the users should have to do,
so there's no agreement on "best" solutions.

1) Chop off anything that even *looks* signature-like, whether the user
   intended it or not -- I consider this ugly, evil, and unreliable,
   and likely to chop stuff I want kept and leave stuff I'd like chopped,
   but there are users out there (e.g. variants on alt.highly.personal.stuff
   or alt.whistleblowing) who are assumed to be computer-naive and used
   to this kind of automagic anonymity, and maybe they need it,
   especially if they don't realize that some systems *do* add them
   since their local system doesn't.

   A "Dont-Mess-With-Trailers:" header line would help a bit.

   I don't know how much of
	M.
	___ Blue Wave/QWK v2.12
	--  
	M. Stirner - via RBBS-NET node 8:914/201
	INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG
   was added by the author, how much by the Blue Wave and/or 8:914/201,
   or even for certain whether M. Stirner is the author or merely a 
   machine owner; I'm guessing the author, and I'm guessing everything
   but the initial "M." was added automagically under the machine-owner's control.

2) Cut-Here: lines of various sorts, either following a pre-specified syntax
   or a MIME-like flexible syntax.  I like this approach, since it gives
   the user a reasonable level of control and very seldom guesses wrong,
   but there are so many standards to choose from, and a proper implementation
   would have to leave in the line (or add an equivalent) at each hop
   to avoid accretion of path-traces, and make sure it gets the correct 
   syntax for each following remailer.  And the user *does* have to explicitly 
   request it, which some people view as a problem, especially if they
   don't know the characteristics of the later mail-handlers in the chain.

3) Encryption-based systems, which only retain the encrypted portion;
   this means the user has to know more about the remailers being used,
   and there has to be a standard for expressing which remailers to forward
   to if more than one will be used (which it probably will be, for anybody
   security-aware enough to really want an encrypting remailer.)

   It *does* give you absolute control over how much gets through,
   but also makes most steganography more difficult.

Solving the problem for message *headers* is tougher than solving it for
trailers, since you need to know how much to retain of the beginning,
and need to avoid trashing the information required to successfully
deliver the mail with enough information that its intended recipient can
decode and use it.

		Bill