1996-02-20 - Re: Remailers not heard from; info?

Header Data

From: Alex Strasheim <cp@proust.suba.com>
To: dmandl@panix.com (David Mandl)
Message Hash: e36dad9bc3848bf3eb64f888a12b6a7d092e370edd540807d28c276eb8eaf19f
Message ID: <199602192241.QAA28619@proust.suba.com>
Reply To: <v01530500ad4e8ad00b96@[166.84.250.21]>
UTC Datetime: 1996-02-20 00:04:48 UTC
Raw Date: Tue, 20 Feb 1996 08:04:48 +0800

Raw message

From: Alex Strasheim <cp@proust.suba.com>
Date: Tue, 20 Feb 1996 08:04:48 +0800
To: dmandl@panix.com (David Mandl)
Subject: Re: Remailers not heard from; info?
In-Reply-To: <v01530500ad4e8ad00b96@[166.84.250.21]>
Message-ID: <199602192241.QAA28619@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> Even more important, I believe that many (most?) remailers still leave
> signatures in by default.  This is extremely dangerous, and inconvenient
> too, since some mail programs make you jump through hoops to turn off the
> signature feature.  I think it'd be a good idea if ALL remailers omitted
> them by default and, if anything, allowed the sender to optionally leave
> his or her signature in (though I imagine that'd be a rare request).

Couple of problems:

o   Some of us -- like me -- like to use double dashes to separate text. 
The penet remailer used to drive me crazy, it always stripped off the
bottom of my posts.

o   Someone using a nym might want to use a sig.

o   Very few mailers make people use sigs -- usually just the ones on 
bbs's.  If people want to use crummy broken mailers, they ought to be 
willing to take the consequences.

o   Depending on a remailer to strip your sig doesn't give you security wrt
the remailer operator.  If you use encryption, the last remailer on the
chain will see your sig, which will be in the innermost encrypted block. 
That defeats the purpose of chaining.  If you're not using encryption, you 
don't have any security anyay.

A better solution might be a specialized remailer that strips sigs for 
people who need the service.  People who need sig stripping could put 
that remailer in the chain, and the rest of us could handle our sigs on 
our own.

I think we're moving more towards systems that require remailer clients 
(like mixmaster) anyway.





Thread