From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Tue, 10 Jan 95 21:52:02 PST
To: jpb@gate.net
Subject: Re: Thoughts on Data Havens
Message-ID: <9501102319.AB01326@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:30 AM 1/10/95, jpb@gate.net wrote:
> ... Post a new PGP key and encrypted address block weekly to alt.data.havens,
>alt.2600, or a stegoed picture to alt.binaries.pictures.whatever.  If you
>are limiting usership, perhaps an autoencrypting majordomo list. ...

Still, messages intended for the DH could be identified by the publically 
known mailer address.  Some sort of protocol where each message to the 
remailer results in a new and different encrypted send-to block being 
returned to the sender would seem to be required.  Avoiding traffic analysis 
on these messages would require you to place a new and different encrypted 
reply-to on each message chunk.

> ...  It would also be a good idea to only allow DH
>commands to be executed if the encrypted (mandatory) control message arrived
>from another remailer account ...

I was assuming this--on the basis that the DH would not want its location 
know to the presumeably large number of clients.


    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com