Re: [freehaven-dev] Request for comments: onion routing design paper

["Michael J. Freedman" <mfreed@cs.nyu.edu>]

> Date: Sun, 02 Nov 2003 10:41:17 -0500
> From: seph <seph@mit.edu>
> To: freehaven-dev@freehaven.net
> Subject: Re: [freehaven-dev] Request for comments: onion routing design
> 
>   page 3, column 1, paragraph 4: you discuss JAP. It seems like it's
>   be worth mentioning the recent brouhaha where JAP's client was
>   backdoored. (the authors introduced some logging at the request of
>   the german government). though it's not a technical weakness
>   specific to JAP, so I'm not sure it really belongs.

Actually, I think this underscores the need for three important properties 
for "production" anonymizing systems:

 1.  trust-me solutions are not sufficient

 2.  solutions must be open-source

 3.  protocols should be simple enough to allow multiple, independent 
     implementations

As to the last, it may be interesting to point to BASE *, a similar 
concept for BFT systems.

--mike


* http://citeseer.nj.nec.com/rodrigues01base.html