1994-02-14 - SCHEME for FULL-SPEC RETURN PATH
Header Data
From: “Jon ‘Iain’ Boone” <boone@psc.edu>
To: cypherpunks@toad.com
Message Hash: 1152483d92556eb2d9441655ecb760c8c8e32fc52fdec1953711d6143538ff79
Message ID: <9402141601.AA25873@igi.psc.edu>
Reply To: N/A
UTC Datetime: 1994-02-14 18:25:31 UTC
Raw Date: Mon, 14 Feb 94 10:25:31 PST
Raw message
From: "Jon 'Iain' Boone" <boone@psc.edu>
Date: Mon, 14 Feb 94 10:25:31 PST
To: cypherpunks@toad.com
Subject: SCHEME for FULL-SPEC RETURN PATH
Message-ID: <9402141601.AA25873@igi.psc.edu>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
This is a portion of mail that I sent to bill stewart. Since bill seems to
busy to send a critique, could someone else comply, please?
Jon Boone | PSC Networking | boone@psc.edu | (412) 268-6959 | PGP Key # B75699
PGP Public Key fingerprint = 23 59 EC 91 47 A6 E3 92 9E A8 96 6A D9 27 C9 6C
- ------- Forwarded Message
Date: Thu, 03 Feb 94 13:45:31 -0500
From: "Jon 'Iain' Boone" <boone@psc.edu>
How secure do you think this is?
Three remailers:
anon1+@a.edu
anon2+@b.com
anon3+@c.org
Originator: boone@psc.edu (really igi.psc.edu, as Message-ID: shows)
Receiver: wcs@anchor.ho.att.com
()Ka == contents inside () are encrypted with Public Key of A
mail addressed to random+*@foo.edu == mail to user random@foo.edu,
random's mail processor will
deal with the +*
The sender must encrypt his/her own address with the public key of the
first remailer and put it in the X-A-R-P: field.
Upon reciept of a message with X-A-S-P: set to non-empty, the re-mailer
will strip off its portion of the address and decrypt the rest with its
private key.
It will add itself to the X-A-R-P: and encrypt it in the public key of
the next remailer on the X-A-S-P:
If there is nothing in the X-A-S-P: (after having removed its own address),
then it needs to be sent to the To: address, so we set the From: address to
be the contents of the X-A-R-P: with its own address pre- & post- pended.
That way, the reciepient need not change his/her mail agent to respond via
the X-A-R-P: (or even need to include the X-A-S-P: in the outgoing response).
If the message doesn't have an X-A-S-P:, the remailer checks the "To:"
for the contents of what would have been the X-A-S-P: with its own address
pre- & post- pended. By stripping off its own address and de-crypting the
resultant, it has the next address to send it to.
Barring wire-tapping, your privacy is susceptible in the logs (syslog, etc.)
of the first remailer (a.edu in my example) or if all the RSA-keys for
a.edu, b.com and c.org are broken. To dampen wire-tapping, you could encrypt
the contents of the message with padding, making traffic analysis more
difficult.
Comments?
IGI.PSC.EDU:
To: wcs@anchor.ho.att.com
X-A-S-P: anon1+"(anon2+"(anon3+@c.org)Kb"@b.com)Ka"@a.edu
X-A-R-P: (boone@psc.edu)Ka
From: boone@psc.edu
Message-Id: <348723472.AA34890235@igi.psc.edu>
A.EDU:
To: wcs@anchor.ho.att.com
X-A-S-P: anon2+"(anon3+@c.org)Kb"@b.com
X-A-R-P: (anon1+"(boone@psc.edu)Ka"@a.edu)Kb
From: anon1+@a.edu
Message-Id: <2349458.AA23575@a.edu>
B.COM:
To: wcs@anchor.ho.att.com
X-A-S-P: anon3+@c.org
X-A-R-P: (anon2+"(anon1+"(boone@psc.edu)Ka"@a.edu)Kb"@b.com)Kc
From: anon2+@b.edu
Message-Id: <8980234.AA23489203@b.com>
C.ORG:
To: wcs@anchor.ho.att.com
X-A-R-P: anon3+"(anon2+"(anon1+"(boone@psc.edu)Ka"@a.edu)Kb"@b.com)Kc"@c.org
From: anon3+"(anon2+"(anon1+"(boone@psc.edu)Ka"@a.edu)Kb"@b.com)Kc"@c.org
Message-Id: <2343.AA123@c.org>
ANCHOR.HO.ATT.COM: (Reply)
To: anon3+"(anon2+"(anon1+"(boone@psc.edu)Ka"@a.edu)Kb"@b.com)Kc"@c.org
From: wcs@anchor.ho.att.com
Message-Id: <99234.AA23492383@anchor.ho.att.com>
C.ORG:
To: anon2+"(anon1+"(boone@psc.edu)Ka"@a.edu)Kb"@b.com
From: wcs@anchor.ho.att.com
Message-Id: <2342349324.AA2343242@c.org>
B.COM:
To: anon1+"(boone@psc.edu)Ka"@a.edu
From: wcs@anchor.ho.att.com
Message-Id: <98234234.AA123213@b.com>
A.EDU:
To: boone@psc.edu
From: wcs@anchor.ho.att.com
Message-Id: <7732432.AA52342@a.edu>
Of course, some work would be necessary to accomodate double-blind
conversations.
-----BEGIN PGP SIGNATURE-----
Version: 2.3a
iQCVAgUBLV92F4SAMUrxt1aZAQErUQQAggfMfjxAXS0rk9AL5uZTNN9adGNJqMvF
gC5QSlgSki2bmUzfeoq/2cSpdUx7vX9LPCGd88+RnnouyhCDhK0a6fOLGgEDrtar
miKGU11Ernt/bQC6gwvBa+KuD7pceLM2mPGw9NLxLMwwajP/U6CxL2/bMXIQhxZ0
eMTM76QuEwE=
=tfVg
-----END PGP SIGNATURE-----
#
Thread
Return to February 1994
- Return to ““Jon ‘Iain’ Boone” <boone@psc.edu>”
Return to “Matthew J Ghio <mg5n+@andrew.cmu.edu>”
- 1994-02-14 (Mon, 14 Feb 94 10:25:31 PST) - SCHEME for FULL-SPEC RETURN PATH - “Jon ‘Iain’ Boone” <boone@psc.edu>
- 1994-02-14 (Mon, 14 Feb 94 15:21:32 PST) - Re: SCHEME for FULL-SPEC RETURN PATH - Matthew J Ghio <mg5n+@andrew.cmu.edu>