It occurs to me that there is a problem with remailers using Chaum's ecash as offered by MT bank and others. The attacker could coerce the sender of an anonymous message into revealing his blinding value, and use this to obtain the identity of each remailer hop by colluding with the bank. (The bank keeps a database of the blinded coins minted against who they were given to; unblinding reveals the coin which can then be compared against those deposited by remailers, tallying sender with remailer, all the way to the exit remailer.) To stop this, the sender should discard the blinding values, thereby removing his ability to be later coerced, or to later trace the recipient of his cash. Is there a way to purge blinding values from the ecash directory? Adam -- Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`