Robert Hettinga wrote:
At 9:47 pm -0500 11/14/96, Rich Graves wrote:
[Lots deleted; I agree that I was unwittingly proving some of your points with some of mine, thanks for the lesson...]
Pseudonymity is only perfect where artificial boundaries such as respect for netiquette are erected. If someone really wanted to track you down, they could either find you, or "out" you as a pseudonym "afraid to use your own name." Both can be damaging (to your reputation or otherwise). In order to put your life on the line for something, you need a life story.
Okay. Then it should be trivial for you to tell me who "Pr0duct Cypher"(sp?) is...
Sure. I'll give you the answer in email; no need to bother the whole list. But what kind of reputation does Pr0duct Cypher have, really? What has Pr0duct Cypher done or said that you cannot independently verify? In what sense do you "trust" Pr0duct Cypher? What you're trusting is source code, which is self-certifying. If Pr0duct Cypher tried to tell you about events in history or in a foreign country, or about technical subjects in which you had no personal competence, would you trust the information? Why should people who know nothing about crypto code trust Pr0duct Cypher's tools? (In reality the answer is: they don't. They buy from less technically adept companies that they can sue if things go wrong.) Among specialists, collegial discussion works for establishing reputation. But where you need to put faith in someone or something that you cannot independently verify, real personal accountability is still useful. Why do you trust your doctor? Would you buy food or water (or a gun) from an anonymous source with no verifiable meatspace presence? -rich