[zeveb]

I don't think too many people want the people they communicate with using Signal to be anonymous to them; they want them to be anonymous to Open Whisper Systems. Ideally, OWS would have no way to know that I'm talking to my best friend, or who we are.

Getting that to work is tricky, but it'd be awesome.

I can imagine a system where users prove possession to OWS of their phone numbers via SMS — as they currently do — and OWS issues them certificates using some sort of blind signature scheme; they can then use those certificates to prove to any server they talk to that they are someone with an identity, and the server can use a subsidiary certificate to demonstrate to other servers that it's acting on behalf of someone with an identity (but not whose identity), and the recipient's server can rate-limit based on that identity, and potentially even record information to aid in manually tracking someone down — without revealing the identity in normal use.

I could be wrong, and I've definitely not proven that it can work. But I think it can be made to.