Article 264 (79 more) in alt.security.pgp:
From: hmiller@lucpul.it.luc.edu (Hugh Miller)
Subject: PAX - Public Access Unix - Anonymous Posting Service
Message-ID: <hmiller.724408793@lucpul.it.luc.edu>
Date: 15 Dec 92 08:39:53 GMT
Sender: root@lucpum.it.luc.edu (System PRIVILEGED Account)
Organization: Loyola University Chicago
Lines: 328

Here's the file you can get by sending an empty message
to anon.info@pax.tpa.com.au.

 PAX - Public Access Unix (Adelaide,South Australia) - Anonymous Posting Host
 ============================================================================

Last modified: Fri Nov 20 18:55:52 CST 1992

 Information about Anonymous & Privacy-Enhanced Posting.
 =======================================================

PAX is conducting research into the viability of anonymous privacy-
enhanced mail as a means of providing practical, secure and confidential
electronic mail and news. An experimental server has been setup and
you are encouraged to use it.

There are many anonymous posting services in existence which provide
anonymous electronic mail and posting to specific newsgroups where
posting is sometimes harmful to one's health or reputation ! Such
services allow you to:

 - post anonymously to those news groups

 - reply anonymously to posts by email

 - converse anonymously with another anonymous user, neither of
   you knowing your real identities

Privacy-enhanced electronic mail refers to the concept of encrypting
one's mail prior to sending it off into the ether, presumably to
someone at the other end capable of decrypting it. If one uses a
so-called "public key" method of encryption, then one can make one's
"public" key widely known so that anyone can encrypt mail to you, but only
you can decrypt it using your "secret" key. There is much development
going on in this area, but one quite popular public-domain implementation
is Philip Zimmermann's "Pretty Good Privacy 2.0" which makes use of a
number of cryptographic methods including the RSA algorithm in places
(See Legal Issues later on). PGP allows you to:

 - exchange public keys with another individual

 - encode messages to them that only they can read

 - receive messages from them that only you can read

These tools are all very well for the specific purposes for which they
were designed, but unfortunately your anonymous message or post is not
actually anonymous until it gets to the machine that host's the service.
Anyone in between, including your own administrators, can in theory
read your post, even though they won't know to whom it is directed. What
is more they can also read replies addressed back to you. This can be
highly embarrassing at best, and result in dismissal or disconnection
at worst if your thoughts, beliefs or activities are disapproved of by
the powers that be, even if they are perfectly legal.

PAX's privacy-enhanced anonymous services were conceived in the belief
that free speech and privacy are fundamental rights and that it is
high time the networks to which we are connected provided such services
on a routine basis. Seeing as they don't we have to make a start somewhere.

This service provides:

 - conventional anonymous mailing and posting services via a "normal"
   alias assigned in the usual fashion

 - the ability to post to ANY newsgroup that is carried out of PAX
   (which includes most non-regional groups)

 - PGP 2.0 based privacy-enhanced mail & posting, including:

   - ability to register your "public" key with PAX, so that PAX
     can send encrypted messages to you

   - local generation of a unique public key which is sent to you,
     so that you can send encrypted messages to PAX

   - any encoded messages from you mailed to a user or newsgroup are
     decrypted at PAX before being passed on in anonymous form

   - any anonymous replies to your "pgp" alias are encrypted before
     being mailed to you

For example, once you have obtained your PGP 2.0 software (as described
later) and got it going, and once you have generated and registered
your public key and received PAX's key in response, you will be able
to post to any newsgroup without anyone beyond your machine having
access to the plaintext of your post.

Furthermore, if another user has registered in the same manner, and
you know their anonymous alias or are responding to one of their
anonymous posts, even though you don't know who they are and haven't
exchanged keys to communicate directly, the PAX service will automatically
decrypt any encrypted messages from you and re-encrypt them before
passing them on to the other person !

 How to use it.
 ==============

All transactions are handled by email, and commands are selected by
the name of the alias to which you mail, not by the subject or body
of the message (which are ignored unless sending or posting a message).
The separator between the "anon" and the command is a dot (period,'.')
and nothing else will work ! Not '-', not '_', not ":", only a dot.

The site to address mail is "pax.tpa.com.au". If this fails for some
reason, you may need to address it to the specific host (at present)
ie. "flash.pax.tpa.com.au".

"Normal" (unencrypted) commands:

 - To get information (this message):

    mail anon.info@pax.tpa.com.au

 - To see what your "normal" alias is, or get one:

    mail anon.ping@pax.tpa.com.au

 - To send a reply to another anonymous user:

    mail anon.###@pax.tpa.com.au

    NB:
      - eg. mail anon.36@pax.tpa.com.au

      - don't be creative ... anon.036 won't work

      - an attempt is made to strip off signature lines by discarding
        everything after a line starting with "--" or "__"

 - To send a post to a newsgroup:

    mail anon.post.groupname@pax.tpa.com.au

    NB:
      - eg. "mail anon.post.talk.abortion" will send a
        post to "talk.abortion"

      - only the Subject field from your post is used, the rest of
        the header is discarded

      - the newsgroup is selected by the alias; Newsgroup header
        fields are discarded; hence cross-posting isn't feasible

      - signatures are stripped as above

"PGP" (encryption) commands:

 - To register your public key with PAX: (ABSOLUTELY NECESSARY)

    mail anon.key@pax.tpa.com.au

    NB:
      - first you have to make install pgp and make a key then send it
        in a "anon.key" command

      - the body of the message MUST contain an ascii encoded public key
        generated by PGP V2.0. You may use your regular public key that
        you give to other people if you wish. The user ID name must be
        unlikely to conflict with one PAX already has, so use your full
        name, or include your email address or something. If you want
        you can use a unique key just for PAX - it makes no difference.
        If PAX already has a key of the same user-id it will reject yours.
        Note that this means that you need different key user-id's on
        different machines (or mail addresses anyway).

        # makes new keys & adds to your "keyring"
        pgp -kg
        Enter a user ID for your public key: First M. Last of somefirm

        # extract key in ascii form suitable for a message body
        pgp -kxa "First M. Last of somefirm" savedfile pubring

        # send it to PAX
        mail anon.key@pax.tpa.com.au <savedfile.asc

      - PAX will respond by sending you a new alias number and a
        public key to add to your keyring to use to encrypt messages
        to PAX. It will have a user ID name of "paxanon.publickey"
        and you should add it to your public key ring by saving the
        message in a file and presenting it as follows:

        pgp -ka savedfile

        Your life will be easier in future if you reply yes to the
        certify question.

      - Note that now you may have two aliases, that sent in response to
        the anon.key command and that sent in response to the anon.ping
        command or previous unencrypted replies or posts. Any sunsequent
        replies or posts that you encrypt before sending will be seen
        to others as having come from the new alias, and replies will be
        encrypted before being passed on to you. Any plaintext messages
        you send will appear to have come from the original alias and
        responses will also come back in plaintext.

 - Sending encrypted posts and replies.

     There are no other commands. If you encrypt a message and send it
     using the "anon.reply" and "anon.post" groups, the software will
     detect that they are encrypted, select the appropriate alias as
     a return address, decrypt the message, and mail or post it.

     You should use PGP 2.0 to encrypt messages sent to PAX, using
     the public key that PAX sent to you. DON'T FORGET TO SIGN your
     message using the secret key corresponding to the public key
     that you sent to PAX !!! Unsigned messages will be rejected
     to ensure that the message is really from you and not someone
     pretending to be you using your account or mailpath.

     Eg.:

        # sign and encrypt message for mailing to pax.
        pgp -east message "paxanon.publickey" -u "First M. Last of somefirm"
        mail -s "A test post" anon.post.alt.test <message.asc

     Note the -a (armor) and -t (text) options. Note also the subject
     flag to mail - PAX will whinge if you post something without a
     subject.

     Similarly, all messages to you will be signed using PAX's secret
     key corresponding to the public key PAX sent to you, hence you
     will know if the message really came from PAX and not someone
     else using your public key.

     ***** NB. The ENTIRE encrypted segment will be passed on after
     it has been decrypted. There is no processing of any contained
     header (though it won't work as a header), nor any removal of
     signature information within the encrypted text. Take great care
     to ensure that there is no identifying information within the
     encrypted text. *****

     Any plain text accompanying the encrypted text will be discarded.
     The Subject header field is still passed on during postings as
     with "normal" unencrypted posts.

     More work may be done on these "features" if there is sufficient
     demand for it :).

Miscellaneous administrative commands:

 - To see the current status of the system (message of the day):

    mail anon.status@pax.tpa.com.au

 - To send mail to a human administrator:

    mail anon.admin@pax.tpa.com.au

 Mailing List
 ============

To send mail to/join/unjoin a mailing list about this service, and
anonymous services in general:

    mail anon.list@pax.tpa.com.au
    mail anon.subscribe@pax.tpa.com.au
    mail anon.unsubscribe@pax.tpa.com.au


 How secure is it ?
 ==================

Not bad. Clearly it depends on the security of the underlying PGP 2.0
software which is discussed at length in its documentation.

The keys are stored, and the messages encrypted and decrypted on
a server which also hosts a Public Access Unix system. These files
are protected by the usual Unix security mechanisms, but in the
event of a security breach could conceivably become visible. The
keys would hence be compromised and any messages passing through
could be decrypted. The PAX administration could theoretically
access the keys and files at will of course.

It is hard to conceive of an alternative implementation which links
anonymity with privacy enhancement however. This is no substitute for
a direct person to person link with certified keys and this service
should not be used as a substitute for such if security is a primary
concern.

 Legal Issues.
 =============

PGP 2.0's use of the RSA algorithm is a problem in the US where a patent
is now held on the algorithm, despite its widespread promulgation before
the patent was obtained. The PGP documentation discusses this issue at
length.

Sufficeth to say, this service is provided by a site in Australia and
hence should not be subject to the constraints imposed by the US patent.
The service is offered to anyone who can reach this site by mail, in
addition to PAX's own users, and there is no intention of obtaining any
commercial gain by providing the privacy-enhanced anonymous service.

Whether individuals in the US can legally use the PGP software to use the
service provided by PAX for their own personal use, without first obtaining
a license to use the RSA algorithm is an untested issue. Certainly the
software is widely available even though it is now maintained outside the
US.

No such concerns should apply anywhere other than the US.

This project is an experiment to see if the concept is feasible and if
there is any demand for it. The software is crude, but functional,
but it is quite possible that it will fail in unforeseen circumstances.
It is designed to loose or fail to pass on a message rather than post or
return plaintext (which would be very undesirable) but there can be no
guarantees. It is conceivable that plaintext might get sent where it
was not intended, and PAX assumes no responsibility for the consequences.
At least this would be no worse than the situation that prevails with
current anonymous services.

THIS IS EXPERIMENTAL SOFTWARE IN A STATE OF FLUX - YOU HAVE BEEN WARNED.

END OF FILE

- --
** Anonymity & Privacy by PAX - Public Access Unix (Adelaide,South Australia) **
anon.admin@pax.tpa.com.au (a human)    anon.info@pax.tpa.com.au   (for help)
anon.ping@pax.tpa.com.au  (get alias)  anon.key@pax.tpa.com.au    (register key)
anon.###@pax.tpa.com.au   (reply)      anon.post.g@pax.tpa.com.au (post to g)
anon.list@pax.tpa.com.au  (to mailing list)
anon.subscribe@pax.tpa.com.au          anon.unsubscribe@pax.tpa.com.au

For dialup Unix access phone +61-8-235-9010 - online registration.