1994-05-13 - Re: Message Havens
Header Data
From: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
To: klbarrus@owlnet.rice.edu (Karl Lui Barrus)
Message Hash: dbb06beda328a1bfc87f8ce3849cd7392b6bdb51fec750a4ff873f8a72c301ba
Message ID: <94May13.113250edt.13511@cannon.ecf.toronto.edu>
Reply To: <9405130432.AA05874@flammulated.owlnet.rice.edu>
UTC Datetime: 1994-05-13 15:33:02 UTC
Raw Date: Fri, 13 May 94 08:33:02 PDT
Raw message
From: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Fri, 13 May 94 08:33:02 PDT
To: klbarrus@owlnet.rice.edu (Karl Lui Barrus)
Subject: Re: Message Havens
In-Reply-To: <9405130432.AA05874@flammulated.owlnet.rice.edu>
Message-ID: <94May13.113250edt.13511@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain
> I'm taking it that a "gopherhole" is different than the "message
> haven" I described, so maybe I missed something...
A "gopherhole" and "message haven" are the same thing.
We were using the term "gopherhole" because it was suggested that
gopher be used as the underlying mechanism for a message haven.
> but if the "gopherhole" sends out random messages (and presumably the
> ones you are interested in) then the "gopherhole" will eventually be
> able to figure out what messages you are interested in. And how would
> it know what messages you are interested in unless you tell it... it
> would then need to be able to tie your psuedonym to your real mail
> address, which defeats the entire purpose of what I described. But
> then, maybe the design goal of a "gopherhole" is different and I
> missed it.
Yes. Under this model, a message haven must be trusted.
> Maybe I wasn't clear in what the "message haven" offered... I'm trying
> to get away from the penet style mapping tables, persistent
> information tying you and your pseudonym, and solve the "unsolicited
> anonymous mail" problem. The message haven requires no trust, no
> tables, no information since it just accepts message and files them,
> and if you retrieve all the message, the haven can't figure out which
> ones you are interested in!
This flavour of message haven would not require persistent tables.
A crooked operator /could/ maintain them, but unlike penet they are
not required. Every time you log into a message haven, you tell it
what tags you are interested in. Here the level of trust is similar
to that of a regular remailer. The remailer /could/ keep logs to
destroy your anonymity, but we hope it doesn't.
I realize this solution is far from ideal. But as I posted before,
I don't believe the numbers favour a message haven where everything
is downloaded. I have this nagging feeling that there is some
very elegant cryptographical way of doing this employing secret
sharing, but I can't actually think of how to do it.
Thread
Return to May 1994
- Return to “Karl Lui Barrus <klbarrus@owlnet.rice.edu>”
Return to “SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>”
- 1994-05-13 (Thu, 12 May 94 21:32:52 PDT) - Re: Message Havens - Karl Lui Barrus <klbarrus@owlnet.rice.edu>
- 1994-05-13 (Fri, 13 May 94 08:33:02 PDT) - Re: Message Havens - SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>