1996-09-03 - Solid Foundations

Header Data

From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: 97a7b4874eca8fe2959a86cc3d0a3bd3927709eea600778ab991b3f0c650b031
Message ID: <ae50bc6d0202100429d0@[207.167.93.63]>
Reply To: N/A
UTC Datetime: 1996-09-03 07:55:32 UTC
Raw Date: Tue, 3 Sep 1996 15:55:32 +0800

Raw message

From: tcmay@got.net (Timothy C. May)
Date: Tue, 3 Sep 1996 15:55:32 +0800
To: cypherpunks@toad.com
Subject: Solid Foundations
Message-ID: <ae50bc6d0202100429d0@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:57 PM 9/2/96, lcs Remailer Administrator wrote:

>Well, I just designed a nymserver that's probably more complicated and
>difficult to use than any previous one.  From this experience, I have
>concluded that if you want to design a remailer with real security (as
>opposed to a penet-style server), it just won't be easy to use that
>remailer manually.  Even alpha.c2.org was kind of a pain to use
>manually.  I therefore think in the long run it's better to bite the
>bullet, write as secure a nym server as possible, and expect that
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>people will use special client software to use the remailer.

I strongly agree. It's very important that _foundations_ be as robust and
strong as possible. Then on top of this foundation, other layers can be
added without the whole structure tumbling down when flaws in the
underlying protocols are discovered.

This has been one of my pet theories for a long time. Not just the fairly
obvious point that foundations need to be robust, but the specific point
that one of the strengths of PGP was that it dealt with *text blocks*.
Though we all want integration into our favorite programs, by building PGP
around a text block there were several advantages. First, a simpler problem
than trying to deal with n different programs. Second, a text block has
fewer places for flaws to creep in. Third, platform independence. Fourth,
any editor or other program that can access text can potentially be used
with PGP. Fifth, separating crypto functions from other functions is good,
orthogonal, method-oriented design. Sixth, this allows drop-in replacements
(where "hooks" are used.)

(To understand why these points are so important, one needs to look at
programs which integrate crypto directly...independent verification is
harder to do, bugs may be less apparent, and delays in supporting other
platforms (if ever) are likely, etc..)

--Tim May



We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









Thread