-----BEGIN PGP SIGNED MESSAGE----- In article <v02140b0aadc66b47f5b3@[206.170.39.104]>, Tim Dierks <tim@dierks.org> wrote:
Not that full anonymity isn't a Good Thing, but couldn't this be solved by having the merchant (who presumably is on-line) provide PDA <-> mint connectivitiy for the purposes of getting change, exchanging coins, etc.? My assumption is that all the ecash protocols are not subject to a MITM attack, which I would just presume to be good practice.
But if you go online, you give away your identity due to a timing coincidence.
Also, given the fully anonymous protocol as you've described it (both payor and payee blind the coins), what's to prevent the merchant from depositing your change before he gives it to you? Unless your PDA is online, you'll be home before you find out the hot dog vendor shorted you. (It's my understanding that the current digicash system does not support Chaum's method of revealing the identity of double-spenders).
That's another of the cool features of the "anon" protocol: the coin isn't complete until the protocol is finished. The hot-dog vendor doesn't have enough information to spend the coin. - Ian -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMaM5QUZRiTErSPb1AQH8FgP6A6eCI7dqEMUf27x/dsZjN5rp9fGWuhaf /DSQ2CAbdvBqpoYh4uMLkEMSD9WCD+NoV4Uy8MIkxLV+nUz2ZmkEqW+zHRy7zv9G Ag923kzlY8cLt3730EFz+WC64fOORz8UroBO53QDxvRP3RyiddZx4fw0LeP1YgiW urXhLYM3N+k= =axOu -----END PGP SIGNATURE-----