From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 4 Mar 1996 05:33:12 +0800
Subject: Re: your mail
In-Reply-To: <199603031418.JAA09675@black-ice.gateway.com>
Message-ID: <Pine.SUN.3.91.960303155543.24935C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Mar 1996, Anonymous Remail Service wrote:
[...]

> >I attended last weeks "Information, National Policies, and International
> >Infrastructure" Symposium at Harvard Law School, organized by the Global
> >Information Infrastructure Commission, the Kennedy School and the
> >Institute for Information Technology Law & Policy of Harvard Law School.
> >
> >During the presentation by Paul Strassmann, National Defense University
> >and William Marlow, Science Applications International Corporation,
> >entitled "Anonymous Remailers as Risk-Free International Infoterrorists"
> >the questions was raised from audience (Professor Chaarles Nesson,
> >Harvard LAw School) - in a rather extended debate - whether the CIA and
> >similar government agencies are involved in running anonymous remailers
> >as this would be a perfect target to scan possibly illegal messages.
> >
> >Both presenters explicitly acknowledged that a number of anonymous
> >remnailers in the US are run by government agencies scanning traffic.
> >Marlow said that the government runs at least a dozen remailers and that
> >the most popular remailers in France and Germany are run by the
> >respective government agencies in these countries. In addition they
> >mentioned that the NSA has successfully developed systems to break
> >encrypted messages below 1000 bit of key length and strongly suggested
> >to use at least 1024 bit keys. They said that they semselves use 1024
> >bit keys.

[...]

> >Viktor Mayer-Schoenberger
> >Information Law Project
> >Austrian Institute for Legal Policy
> Groundfog@alpha.c2.org

What this demonstrates, regardless of the legitimacy of the claim, is the 
need for a web of trust that does more than estlablish the link between 
key and user, but one that distributes reputation capital.

The ability to assign reputation to remailers via digital signature is 
going to be of increasing importance, as is the use of larger keys by 
remail-operators.

Are there any grassroots projects on the table to address the former problem?

---
My prefered and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information