Is-Not-My-Name Nymserver
Introduction
Welcome to the homepage of the Is-Not-My-Name Nymserver. The following pages
will walk you through how to create, use and maintain a pseudonym account on
this service.
Prerequisites
In order to create and use your Nym, you're going to need a reasonably good
understanding of either PGP or GnuPG: good enough, that is, to create a key
and to sign and encrypt messages. Some understanding of how email messages are
formatted would also be useful.
Conventions
Currently two domains are supported:-
- mixnym.net
- is-not-my.name
All addresses and keys must reside in one of them. For these instructions
I'll use @domain to mean either one.
Creating a Nym
- Create a new key pair for yournym@domain.
Ideally, make it an RSA key of 4096 bits. If all users create keys of the same
format, it's harder to link messages.
GnuPG Command: gpg --gen-key
- Export your Public Key
This will extract the newly generated key from your keyring and store it in a
text file. In the following example, I've named that file pubkey.txt.
GnuPG Command: gpg --armor --export yournym@domain > pubkey.txt
- Edit the pubkey.txt file
You only need to perform this step if you want to configure additional options
on your Nym, such as Subject Identification or Symmetric Encryption.
For each option, add a line to the pubkey.txt file using the format:-
option: setting
For example, to add a subject-password of dead-parrot:-
Subject-Password: dead-parrot
The option name is not case-sensitive, but the setting is.
- Encrypt the pubkey.txt file
The pubkey.txt file must now be encrypted to the Nymserver. In the following
example, the encrypted file will be created as pubkey.txt.asc
GnuPG Command: gpg --armor --encrypt --recipient config@mixnym.net pubkey.txt
- Email the encrypted file
The file must now be sent anonymously to config@mixnym.net. The best way to do
this is to use Mixmaster. You may also wish to use your preferred Mixmaster
client.
Mixmaster Command: mixmaster -tm config@mixnym.net pubkey.txt.asc
That's it! The Nymserver decrypts the message, extracts your Nym's email
address from the supplied Public Key and processes it. Provided the Nym isn't
reserved or already allocated, you will receive a confirmation message from
the Nymserver, encrypted to your key.
It's worth noting that this is the only message the server will ever accept
from you that's not signed by your key. From now on, your digital signature
will prove your ownership of the Nym.
Receiving Messages for your Nym
Unlike a normal email account, messages for your Nym aren't delivered to you
personally. Instead they are delivered to a common mailbox that you share with
many other users of anonymity systems. This shared mailbox serves to delink
incoming messages from their actual recipients.
The shared mailbox comes in the shape of a Usenet group called
alt.anonymous.messages. In order to find your messages within this group,
you'll need to download the entire content of the group and then attempt to
decrypt all the messages in it. If the decryption succeeds, the message is
your own.
Need to explain how to download and attempt to decrypt
messages.
In addition to messages sent to your Nym by other users, you'll also receive
information messages from the Nymserver about your configuration requests.
Wherever possible the server will inform you about issues with your Nym or the
changes you attempt to make to it. Once your key has been received by the
server, it has the capability to send you encrypted messages.
Sending messages from your Nym
Of course you can send messages by many means and just set the From header to
that of your Nym. Whilst this works, it's not at all anonymous! You can use
the Remailer Network to send the messages (and you certainly should) but many
remailers will not allow you to use a specific From header.
To overcome this issue, you can send your message through the Remailer Network to
the Nymserver. Here are the steps to achieve this.
Nymserver PGP Key
The Key for config@is-not-my.name and send@is-not-my.name can be obtained from
here
The key can be verified against a detached signature for
steve@mixmin.net.
The command to verify a detached signature is:
gpg --verify key.admin.sig key.asc
URL Retrieval
Slightly disconnected in functionality from the Nymserver, is-not-my.name also
provides a means to anonymously retrieve an HTML page. To do so, a correctly
formatted message must be sent to url@is-not-my.name. The format is as
follows:
SOURCE http://www.someurl.foo/page.html
HSUB myhsub
KEY symmetric_key
Where:
- SOURCE: The URL to be retrieved. Multiple SOURCE lines can be included in
the same request.
- HSUB: The Hashed Subject key that can be used to identify the message in
alt.anonymous.messages. If this line is omitted, the KEY will be used to
generate the hSub.
- KEY: A symmetric passphrase that will be required to decrypt the resulting
post to alt.anonymous.messages.
Finally, the request should be encrypted to url@is-not-my.name and sent,
preferably via anonymous means, such as the Mixmaster Remailer network.
Messages received in plain text will be discarded.
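
As an added example (not code from is-not-my.name or its author), the Python
below shows how a client could pick out its own posts in alt.anonymous.messages
by hSub before attempting decryption. The page does not define the hSub format;
the layout used here (an 8-byte random IV followed by SHA-256 of IV plus key,
hex-encoded and truncated to 48 characters) is an assumption based on the
common hSub scheme, and the function names are hypothetical.

```python
import hashlib
import hmac
import os

IV_BYTES = 8                 # assumed: 64-bit random IV leads the subject
MIN_HEX, MAX_HEX = 48, 80    # assumed: accepted hex lengths (80 = IV + full SHA-256)


def make_hsub(key, iv=None, length=MIN_HEX):
    """Return hex(IV || SHA-256(IV || key)) truncated to `length` characters."""
    iv = os.urandom(IV_BYTES) if iv is None else iv
    if len(iv) != IV_BYTES:
        raise ValueError("IV must be exactly 8 bytes")
    digest = hashlib.sha256(iv + key.encode("utf-8")).digest()
    return (iv + digest).hex()[:length]


def check_hsub(key, subject):
    """True if `subject` is an hSub generated from `key`."""
    subject = subject.strip().lower()
    if not MIN_HEX <= len(subject) <= MAX_HEX:
        return False
    try:
        # Recover the IV from the subject and recompute the hash with our key.
        iv = bytes.fromhex(subject[:IV_BYTES * 2])
        expected = make_hsub(key, iv, len(subject))
        return hmac.compare_digest(expected.encode(), subject.encode())
    except ValueError:
        return False  # not hex (or not encodable), so not an hSub at all


def my_messages(key, subjects):
    """Filter a downloaded batch of Subject headers down to our own."""
    return [s for s in subjects if check_hsub(key, s)]


if __name__ == "__main__":
    # Constructed sample: two posts for us, one for another key, one plain subject.
    batch = [
        make_hsub("symmetric_key"),
        make_hsub("someone_elses_key"),
        "Re: test post",
        make_hsub("symmetric_key"),
    ]
    for subject in my_messages("symmetric_key", batch):
        print("candidate for decryption:", subject)
```

Because the IV is random, every post carries a different subject even when the
key is unchanged, so only someone who knows the key can tell which posts belong
together.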