[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: End to end Mixminion issues, with proposed solutions



On Tue, 24 Sep 2002, Len Sassaman wrote:
> Not all implementations need to support creation of remailer messages,
> or delivery of plaintext messages. There could be an implementation that
> is simply a "middleman" remailer, that only takes encrypted remailer
> messages, mixes them, and hands them to other remailers. Such an
> implementation would not be concerned with fragmentation or reassembly.
> 
> Any implementation that delivers messages to the end user (in plain text)
> MUST know how to reassemble them. And any implementation that creates
> remailer messages from plain text SHOULD know how to fragment the message,
> and SHOULD NOT but MAY reject oversized messages.
> 
> 
> --Len.
> 

I think I am quite happy with the statement above. Since Nick said he will 
be thinking about fragmentation and reassembly, compression and error 
correction here are my thoughts:

1) The above functions would need to be implemented on top of the standard 
mixminion interface (so we better design the interface to provide all the 
facilities we need).
2) The mixminion network middle nodes should not have any awareness about 
this layer (which follows from 1).
3) Requirements:
	- Fragmentation and reassembly allows messages (A), or streams (B) 
to be transported anonymously on the mixminion network, even when their 
size is larger than a single mixminion packet size.
	- Error correction allows messages to be reconstructed even if 
some of the mixminion packets were dropped by the network.
	- Compression can be used on the original message to minimize the 
bandwidth it would use in the network.
4) The way of archiving the above should be the same for forward path 
messages and SURB routed messages.
5) Contentious: Since many mixminion packets are notionally used to route 
a message to another user I propose we establish at the same time support 
for pseudonymous sessions. What does that mean:
	- An ID or signature is included in the message along with a 
serial number. 
	- Some SURBS can be provided that are associated with the ID and 
signature that the other side keeps as a reference to be able to reply to 
the sender.

Therefore the two communicating parties can maintain a channel open, and 
have a two way conversation. The idea popped in my mind whn I tried to 
specify the Nym Server and realized that bi-directional sessions whould be 
required by most (complex) applications.

7) I believe Rabin's Information Dispersal Algorithm with gzip should 
fulfill well the requirements in (3) but I do not know much about these 
issues, so please comment. I believe forward error correction codes are a 
better solution than retransmissions for reliability but this is just a 
gut feeling.

Please comment on the parts above.
I suggest that:
Nick - thinks about requirements in (3).
I (George) - thinks about how to do (6) and follow the discussion (or 
             flame war) about it.

Yours,

George