1994-01-22 - RE: Remailers: The Next Generation

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 8c3925dc64e0520dc0ba4dd3c93475578a51b21c75698cc375a6a3e455c517e9
Message ID: <199401220619.WAA17532@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1994-01-22 06:29:28 UTC
Raw Date: Fri, 21 Jan 94 22:29:28 PST

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Fri, 21 Jan 94 22:29:28 PST
To: cypherpunks@toad.com
Subject: RE: Remailers: The Next Generation
Message-ID: <199401220619.WAA17532@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim has made some excellent points regarding the remailers.  A couple
of quick comments:

I don't know if charging for messages can be made to work.  Karl has a
remailer which requires digital tokens.  You can get them for free just
by sending an email message.  But I'll bet almost no one uses them.
Why should they, when there are free ones?

That is the big problem.  The free ones undercut the pay-per-use
remailers.  Unless the pay remailers offer significantly more features
and advantages to the users, they won't be used.  Especially if we are
talking about actually mailing physical cash to the remailer operators
in order to receive tokens, this will be terribly inconvenient and will
further raise the threshold barrier against for-pay remailers.

So, the question is whether the value can be made large enough.  Most
of Tim's comments are focussed on the security of the remailers.  For
some applications this is important, particularly the more world-
shaking ideas we have discussed.  (And despite the skepticism I
expressed last week about the degree to which cryptography can change
the world, I do believe it can be a strong force for positive change.)
If people are fighting for freedom against a powerful adversary, they
will need the kind of security Tim is talking about.

But how much remailer use falls into that category?  Not much, right
now.  I frankly don't see improved security as a major problem that
needs to be addressed in the short term.  It's worth mentioning that
despite the charges of hypocrisy in the Detweiler affair (we are
supposedly violating our own principles of freedom and privacy) no one
has proposed trying to violate remailer confidentiality to produce
proof that Detweiler is behind the Squish posts.  Even with our current
network Detweiler has managed to achieve considerable privacy.

The fundamental purpose of the remailer network is to defeat traffic
analysis.  We want to protect the privacy of WHO you communicate with
as well as WHAT you say.  I agree with most of what Tim says, but I
feel that the biggest problems are with ease of use and social issues
rather than security at the present time.

In my opinion, what the remailer network needs is, first,
standardization, as Tim has proposed.  Secondly, it needs reliability
and robustness.  Third, it needs to be easier to do two-way messaging.
Related to this, we need software that can take a message from a
remailer and display it as coming from the sender, either as nym or
truename.  (Karl has a script which does this for elm or mh, I forget
which.)  Fourth, we need to find solutions to the political and social
problems the remailers cause.  Tim's idea of a global blocked-address
database is a good start here.

My picture of remailer use is a little different from what a lot of
people may be thinking of.  Just as we envision a world in which
everyone uses good, strong encryption to protect the privacy of their
electronic messages, I would like to see privacy protection with regard
to patterns of communication.  Who you communicate with tells a lot
about you, in some ways as much as what you say does.  In my ideal
future, remailers and similar technologies are as ubiquitous as
encryption, providing real protection of privacy.

Hal






Thread