[Nym3-devel] Specs clarification for the RELAY command.

Laurent Fousse laurent at komite.net
Sat Mar 18 22:56:22 CET 2006 

Hello,

* Nick Mathewson [2006-03-16]:
> The issue with MIME isn't malware; it's distinguishability IMO.
> There's really no way to have a non-dBistinguishable JPEG.  But yeah, I
> think in the long run Mixminion and Nymbaron both need to support MIME.

Ugh. I didn't think about that, I merely thought about the MIME
construction itself, not about the content of every possible part.

> > I think we already discussed on irc the problem of multipart
> > separator, which reduce the anonymity set. In nymbaron we plan to
> > deconstruct the message and reconstruct it with the python `email'
> > module so that the separator can't be used to distinguish between
> > nymusers (Zax is writing that I think). Did I forget anything else of
> > the kind ?
> 
> Well, are we certain all python versions have an "email" module that
> behaves the same, and that they always will?  Sounds dangerous.

Do they need to behave the same ?

> > Do we need to add this MIME-reconstruction to the specs ?
> 
> Probably.  Not every implementation will be in Python, and other
> implementors shouldn't need to read Python code in order to keep
> indistinguishable.
> 
> > Should it happen on the server, or on the client ?
> 
> Possibly both; at least on the client I think.

Having the reconstruction happen on the client is conservative for the
user security, but it has the drawback that the choice of MIME
delimiters needs to be specified in the specs.

The nice thing with MIME reconstruction on the server is that we don't
even need to specify how it should be done.

I have two different suggestions for boundary selection :

    a) each boundary is cryptographically random in the set of strings
       of length 42 bytes consisting only of ALPHA and DIGIT (in the
       unlikely event of a boundary appearing in the parts, retry).

    b) each boundary is selected as the lexicographically smallest
       suitable strings consisting only of ALPHA and DIGIT. The
       boundary selection is done in a depth-first manner.

Which one would you like to see in the specs ? :-)

Cheers,

Laurent.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 483 bytes
Desc: Digital signature
Url : http://lists.noreply.org/pipermail/nym3-devel/attachments/20060318/87526139/attachment.pgp

More information about the Nym3-devel mailing list