[118436] in Cypherpunks
Re: (eternity) (fwd) Cypherspace project
daemon@ATHENA.MIT.EDU (Michael Hohensee)
Tue Sep 28 01:35:10 1999
Message-ID: <37F0191B.83AFA2F1@sparta.mainstream.net>
Date: Mon, 27 Sep 1999 21:25:47 -0400
From: Michael Hohensee <michael@sparta.mainstream.net>
MIME-Version: 1.0
To: "cypherpunks@cyberpass.net" <cypherpunks@cyberpass.net>
CC: Jonathan Stafford <jestaff2@unity.ncsu.edu>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Reply-To: Michael Hohensee <michael@sparta.mainstream.net>
This only works if you can be sure that the server you're talking to is
not compromised. It also makes it impossible for the server to remain
anonymous, as is required by the specification on
http://www.cypherspace.org/eternity-design.html .
Jonathan Stafford wrote:
>
> I believe this problem might be avoided by doing the following:
>
> Each eternity server has a public and private key pair. Prior to
> requesting a file, the client encrypts the requested filename and the
> client's public key with the server's public key. Then a request of the
> file is made, with the GET passing the encrypted information. The server
> proceeds to decrypt the GET request and then return the requested file
> encrypted with the client's public key. (It is imperative that something
> other than just the filename be encrypted in the GET otherwise all
> requests for a specific file would appear identical, thus defeating the
> whole reason for this goofy scheme.)
>
--
Michael Hohensee
"Remember, it takes 42 muscles to frown and only 4 to pull the trigger
of a decent sniper rifle."
