From: Alan Barrett <barrett@daisy.ee.und.ac.za>
To: Matt Blaze <mab@crypto.com>
Message Hash: e7d37bb14ced0e7e236dc8e8d39af004f4136bcb1c15c81891f4f7253f913ae6
Message ID: <Pine.3.03.9310232053.F3609-b100000@daisy.ee.und.ac.za>
Reply To: <9310231826.AA08908@crypto.com>
UTC Datetime: 1993-10-23 19:18:26 UTC
Raw Date: Sat, 23 Oct 93 12:18:26 PDT
From: Alan Barrett <barrett@daisy.ee.und.ac.za>
Date: Sat, 23 Oct 93 12:18:26 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: Warning about exposing anon id
In-Reply-To: <9310231826.AA08908@crypto.com>
Message-ID: <Pine.3.03.9310232053.F3609-b100000@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain
Matt Blaze says:
> I think the best solution is to require any message sent through a
> remailer to include explicit instructions as to how it should be
> handled. [...] Messages that don't include the field should bounce,
> probably with some instructions as to how to fix the message to make
> it go through properly.
For messages that are deliberately sent through remailers, I agree
that the sender should provide explicit instructions to direct the
operation of the remailer. However, I would note that the mere act of
deliberately using a particular remailer can constitute an explicit
instruction for the remailer to perform its "standard" processing.
Messages that are inadvertantly sent through remailers by innocent folk
who simply reply to a (pseudonymous) message that they have received,
or simply write to an address that they have seen advertised, are
different. I think that such messages should function as much like
ordinary (non-anonymous) mail as possible, consistent with the goal of
protecting the recipient's identity, to avoid surprising the innocent
sender. Servers like the present implementation of anon.penet.fi do not
satisfy this requirement.
--apb (Alan Barrett)
Return to October 1993
Return to “Matt Blaze <mab@crypto.com>”