From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
Date: Sun, 19 Jun 94 17:04:02 PDT
To: cypherpunks@toad.com
Subject: MAIL: anon mailing list
Message-ID: <9406200003.AA17728@flammulated.owlnet.rice.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> Has anyone tried to write some mailing list software that uses
> PGP-anon-remailers to implement a double-blind anon system?
 
> a standard mailing list. But has this already been done? It seems
> like such an obvious idea, that it's hard to believe no one has
> thought of it first, but I haven't heard of anything so far. Comments?

Well, Hal Finney offered a service by which people could subscribe to
an encrypted version of this list... which is something similar.

Say somebody wants to run a mailing list as you propose.  I think they
should just run the list at the same address unless the remailers can
suitably pad, delay, and randomize incoming messages and redirect them
to the true list site (but then delay and randomization may lead to
loss of coherency on the list ;).  If not, surely external observation
of the contact point will show where all the messages are headed.

The resources needed would be higher than a normal list since each
incoming message would need to be checked for a digital signature (or
the list could become victim to an anonymous mail bomber, and you
can't filter out anonymous remailers since of course everybody is
using them to submit posts!), encrypted to every other member, and
remailed.

Which isn't to say impossible, just maybe impractical for a large
mailing list.  Take this list, with say 500 members - every incoming
post digitally signed and arriving via anonymous remailer, and upon
arrival, checked for a valid signature, encrypted with the public keys
of the pseudonyms subscribing to the list;), and remailed out...

This may work if you have a small group of people dedicated to this
setup, but otherwise, no go.  I mean, most people on this list don't
even sign their posts, most don't submit via anonymous remailer, etc.
It would take much work to make it convenient enough to do this.

I think a higher priority is finding the bug that keeps unsubscribing
everybody ;)

Karl Barrus
klbarrus@owlnet.rice.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLgTdeMSF/V8IjI8hAQHeTwQAjDPXzJgrwubLkxq0Kz6ETM7chR4Ci5kG
XbzWrFc3jwT57xpOfHIeeTTWn73Sls7C5UsFAT1sE4hxHRZO2HG6a7psLRa5/82V
bhjnW+6KMOByCZb01h4b0toVR+7vF22EzPME0lnlsW+SjBqlAcNYPb+rSnjbnahG
g9zzaCL6nJ8=
=1WIZ
-----END PGP SIGNATURE-----

-- 
Karl L. Barrus: klbarrus@owlnet.rice.edu         
2.3: 5AD633;   D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32 
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5  E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper