On Fri, Sep 13, 2013 at 04:55:05PM -0400, John Kelsey wrote:
The more I think about it, the more important it seems that any anonymous email like communications system *not* include people who don't want to be part of it, and have lots of defenses to prevent its anonymous communications from becoming a nightmare for its participants.
Well you could certainly allow people to opt-in to receiving anonymous email, send them a notification mail saying an anonymous email is waiting for them (and whatever warning that it could be a nastygram, as easily as the next thing). People have to bear in mind that email itself is not authenticated - SMTP forgeries still work - but there are still a large number of newbies some of whom have sufficiently thin skin to go ballistic when they realize they received something anonymous and not internalized the implication of digital free-speech. At ZKS we had a pseudonymous email system. Users had to pay for nyms (a pack of 5 paid per year) so they wouldnt throw them away on nuisance pranks too lightly. They could be blocked if credible abuse complaint were received. Another design permutation I was thinking could be rather interesting is unobservable mail. That is to say the participants know who they are talking to (signed, non-pseudonymous) but passive observers do not. It seems to me that in that circumstance you have more design leverage to increase the security margin using PIR like tricks than you can with pseudonymous/anonymous - if the "contract" is that the system remains very secure so long as both parties to a communication channel want it to remain that way. There were also a few protocols for to facilitate anonymous abuse resistant emails - user gets some kind of anonymously refreshable egress capability token. If they abuse they are not identified but lose the capability. eg http://www-users.cs.umn.edu/~hopper/faust-wpes.pdf Finally there can be different types of costs for nyms and posts - creating nyms or individual posts can cost real money (hard to retain pseudonymity), bitcoin, or hashcash, as well lost reputation if a used nym is canceled. Adam _______________________________________________ The cryptography mailing list [email protected] http://www.metzdowd.com/mailman/listinfo/cryptography
