[anonsec] Re: potential new IETF WG on anonymous IPSec (fwd from hal at finney.org) (fwd from touch at ISI.EDU)

bear bear at sonic.net
Sat Sep 11 17:53:59 EDT 2004

On Fri, 10 Sep 2004, Eugen Leitl wrote:

>From: Joe Touch <touch at ISI.EDU>

>>To clarify, this is not really "anonymous" in the usual sense.
>It does not authenticate the endpoint's identification, other than "same
>place I had been talking to."

That's pseudonymity, not anonymity.

>There's no difference between having no "name" and having a name you
>cannot trust. I.e., I could travel under the name "anonymous" or "", or
>under the name "A. Smith". If you don't know whether I am actually A.
>Smith, the latter is identical to the former.

This is just plain not true.  When operating under a pseudonym,
you are making linkable acts - linkable to each other even if
not necessarily linkable to your own official identity.  Anonymous
actions or communications are those which cannot be linked to any
other no matter how hard someone tries.

We can expect the public to fail to grasp the distinction, but
on this list "anonymous" is a very strong claim.  Anonymity is
*HARD* to do, not something that results from failing to check
a credential.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list