-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 12:24 PM -0700 4/24/03, Tim May arose to smite linguistic heresy:
For on-line clearing, a copy of the spent "coin" stops double-spending.
Indeed. That was my entire point. Thank you for repeating it. Again. As for the following...
I would not call it a "coin," however. We should reserve the word "coin" for things which behave like coins, e.g, things that clear locally without presentation to an issuer or other entity.
"We" should, but I won't, though I prefer using "coins" to mean something even smaller -- my original use in this thread a lamentable and reflexive use from the DigiCash days -- but I think if we're copying, or, more properly, redeeming and reissuing, something to that controls ownership of an asset, something that is supposed to reside, physically, in a single place on the net at any one time, it's more like a coin, or a subway token, or a note, or a bearer bond, than anything else used to move money around, say, book-entries (debits and credits) tunneled using SSL, for instance. And, no, I don't think the use of "coin" or "note", much less "certificate", is even close to the modern mis-use of the words "signature" or "certificate" to describe cryptographic authentication, because there's a whole lot of difference between those things and the holographic, supposedly biometric, writings that we call "signatures" in meatspace. But, we say "signature", anyway. Hopefully we'll re-load "certificate", someday... So, calling a financial instrument using a Chaumian blind-signature financial cryptography protocol a "note", or "certificate", is fine. As for "coin", while we were thinking about this stuff a while back, I decided that streaming protocols, using bulk-issued MicroMint, and then Rabin Signature, "tokens", tested for double-spending with statistical sampling, could execute, clear and settle at a low enough cost enough to be called a "coin". Chaumian or other blind signature "notes" have to be checked on every transaction, so they are, by definition, more expensive to handle individually, just like paper notes are, compared to a coin.
For off-line clearing, double-spending is a significant and hard problem. Perhaps unsolvable.
Amen.
If so, then there are no digital coins and never will be.
If you say so, Tim. :-).
(I don't count token-based systems, using smartcards or "observers," as digital coins.)
I think "token" is also a word subject to overloading. I would call "token" a superset of "coin" and "note", myself, to be used to generalize things. In current usage in the ATM or meatspace electronic payment business, "token" means the thing you carry around to put into an electronic "terminal" as one "factor" in a two-factor transaction process. A shared secret, like a "Personal Identification Number" being the second "factor". "Three factor" authentication, of course, uses a "signature", right? ;-).
Everything connected with money costs money, by the way. Even keeping copies and comparing them to newly-presented exemplars.
Certainly if you want to dance your nits on the head of a pin, yes, Tim, knock yourself out. You certainly seem better catching and wrangling them then I am. On the net full of scientists, former or otherwise, the price of error, no matter how small, is bandwidth... Of *course*, everything costs money. I plead a Dirksenist brevity, in the meantime. Cheers, RAH "A coin here, and a coin there..." -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 - not licensed for commercial use: www.pgp.com iQA/AwUBPqhUZMPxH8jf3ohaEQLtBQCfXmO3HAqoMd0QBywCm2mdx3Xt9GIAnjgo guMk67rqIyo6KMifU4IVHhii =D1bN -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'