1997-10-06 - Transmission Management

Header Data

From: nobody@REPLAY.COM (Anonymous)
To: cypherpunks@cyberpass.net
Message Hash: 67015900faa945f44063ac0a60d59c333806f29f0c44cbe73273187bcaa35da0
Message ID: <199710060618.IAA23949@basement.replay.com>
Reply To: N/A
UTC Datetime: 1997-10-06 06:23:47 UTC
Raw Date: Mon, 6 Oct 1997 14:23:47 +0800

Raw message

From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 6 Oct 1997 14:23:47 +0800
To: cypherpunks@cyberpass.net
Subject: Transmission Management
Message-ID: <199710060618.IAA23949@basement.replay.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Lucky Green wrote:
>And PGP's Policy Enforcer has another side to it: have you ever
>forgotten to encrypt email that should have been encrypted? I
>have. With the Policy Enforcer installed, that can't happen. Which
>may well save big hassles in the future.

(This feature is independent of the GAK aspects of the product.)

It's probably a good idea to set up your mailer so that it discourages
transmission of unencrypted mail.  This could be as simple as a
sequence of questions: "Do you want to do this?", "Do you really want
to do this?", and "Are you absolutely one hundred percent sure that it
is a good idea to put this message on tape at Fort Meade for
eternity?"  But, you could make more amusing warnings.  For example,
the mailer could convert your message into a front page article for
the New York Times and show you what it will look like.

Agencies which handle encrypted communications typically track every
message sent.  We should do the same thing.  Most people probably do
this in an informal way, but really slick tools for doing this would
have their uses.

This is especially true when managing an identity.  Not only would it
be nice to track every transmission in a nice easy to assess way, but
also track exactly how it was transmitted, the precise time of
transmission, and the remailers used to deliver it.

This raw information would be neat to have, but it wouldn't get really
useful without an analysis tool.  For instance, you could see how much
your identity depends on the security of certain remailers.  If you
use one remailer in your chains a lot, you might want to have
something which warns you that you are becoming overly dependent on
that remailer.  Or, you might want to run "what if" scenarios to see
if you would be vulnerable if a particular set of remailers were
compromised.

If the analysis tool were really good, it would hunt for weaknesses
based on known remailer attacks.

And, naturally, for proper identity management it would be important
to keep a running score for the odds that each identity were
compromised and by which threats.

Monty Cantsin
Editor in Chief
Smile Magazine
http://www.neoism.org/squares/smile_index.html
http://www.neoism.org/squares/cantsin_10.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBNDh0V5aWtjSmRH/5AQFyFwf+OhIbig7B/njU1yTlDdIuBHs3jpYyH6Ol
/+Cjk9X2MbFkYGec3vm8muf1alGI/8ZH+NV73cXry1rN8FqdIY/eoJX5OoRhTQpa
ajQFNnSaufbY2xgx45o7S+jFCFGaasInjsvl7q78iH8JL2seXgG3t7HNsK/SZOqD
lZynyUqCaVssiSTkDHiZx72TUPJbhUCOvkoKdiy5evQlN7PPyKNmajB9INbzin7z
qKqfyyHyFR+Gu618IojassyZ9wuEzbjMStTRMf8TGOo8yJWaH0+W7KX9JHVF3Zdv
EjINSw7EBxMAOk83AY9YP0nuLJnwaEoloKifX6D+MmQ+Jx9Js2ocuA==
=HUZ7
-----END PGP SIGNATURE-----








Thread