From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 14 Feb 94 23:21:33 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Models of Anonymity (was Re: Detweiler abuse again)
In-Reply-To: <199402150457.UAA14579@mail.netcom.com>
Message-ID: <9402150715.AA02994@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Derek's further comments about some kind of receipt that comes
> back....I'll have to think about that further. My hunch is that that
> may break the total anonymity (that we strive for as a principle) and
> should be avoided. I'd recommend we all go back and look at the

I'm not sure that I really meant to have a receipt, more or a
return-path.  Maybe even a cryptographiccally secure return path.  I
think a question is: who are we protecting against?  Are we protecting
against the remailer operators?  Or are we trying to protect from a
third party?

I think we should go back and re-examine our goals for anonymity.

> Yes, but Hal has not obligation to accept messages from known
> disruptors, any more than you have an obligation to "never censor"
> people by keeping them out of your house.

To me, this is like NEARNet saying that they have no obligation to
accept packets from a known disruptive user.  No, I don't believe that
that is the answer.  Then again, I don't think that a remailer should
run out of an account, but rather on a machine, but that's a different
story.  I consider a remailer a service, and as such, the service
should be available to all comers.  (With digital postage this
paradigm makes much more sense).  I do not think of it like a home.

I also agree that positive reputation is important, but I think that
is much more difficult to implement than a more secure anonymous
system.

To reiterate: I do think that something needs to be done, but I think
we should analyze what we are trying to accomplish rather than rushing
off and saying "just don't service this abusive customer".

-derek