From: remail@tamsun.tamu.edu
To: cypherpunks@toad.com
Message Hash: c75f25f7acd51c56d9ceb19fc0dfa65f59743fa8967b5eb4bc2b8658e8d5ff54
Message ID: <9308311923.AA17945@tamsun.tamu.edu>
Reply To: N/A
UTC Datetime: 1993-08-31 19:26:32 UTC
Raw Date: Tue, 31 Aug 93 12:26:32 PDT
From: remail@tamsun.tamu.edu
Date: Tue, 31 Aug 93 12:26:32 PDT
To: cypherpunks@toad.com
Subject: anonymous mail
Message-ID: <9308311923.AA17945@tamsun.tamu.edu>
MIME-Version: 1.0
Content-Type: text/plain
PEM also reveals who signs messages, even when the message is encrypted.
In other words, if I send you a PGP encrypted message which I also signed,
the signature is hidden under the encryption. You do not know who sent you
the PGP message (assuming a cypherpunks remailer or equivalent was used)
until after you decrypt the first "packet" and gaze inside.
PEM, on the other hand, reveals in the clear who signed the message, outside
of the encrypted portion. Also note that to be PEM compliant, you *must*
always sign your messages. So much for anonymous encrypted messages...
There is something to be said for the PGP encapsulated approach...
Return to September 1993
Return to “remail@tamsun.tamu.edu”