--- begin forwarded text
Date: Mon, 5 Mar 2007 11:34:34 -0500
To: "Philodox Clips List"
What's a good name for something which has all the properties of blinded tokens, but is not called ecash?
No euphemism required. Call it what it is: a digital bearer certificate.
No. Seriously. It's not dead yet, Jim, it's still twitching... :-).
"Bearer certificate" is a financial operations term of art. The observation
that Chaumian blind signature cryptographic transaction protocols control
and hold assets in bearer form is not mine, by the way, it's Nick Szabo's,
and all the E-language/capability-programming folks use "bearer" in that
context, and for that reason.
And all the financial operations/regulatory/economist people I have
explained this to also use it, because, once explained to them, it's self
evident. :-).
More important, it's such a financial term of art, such a semantic shot-cut
to the financial medulla oblongata, that when you say "digital bearer
certificate" to a finance person -- especially a financial operations
person for the first time, they do a double-take, say, "really???". And
then they get this great big grin. Even now, after 9/11, they still do.
Especially these days, since we're seeing the collapse of identity's
usefulness to prevent fraud, or create security, especially as closer
transaction settlement and clearing times trend toward instantaneity, and
identity theft becomes more prevalent -- and the proffer of identity
credentials everywhere becomes more security theater than security itself.
Okay, so some financial operations people I talk to get very angry, for any
of a number of reasons, including the partially-aforementioned demonization
of bearer transactions because of the perceived forensic value of
book-entry settlement in other areas of law-enforcement, but also because
some of them think they see the obsolescence of everything they've learned
about financial operations itself. Which, ultimately, isn't really the
case. Like energy in physics, finance, especially financial operations, is
always conserved.
So maybe we should all stand inside the nomenclature tent, pointing out, as
it were, and use "digital bearer certificate"?
Or digital bearer protocol. Or digital bearer transaction, as the case
warrants.
When I started IBUC, I began to use "internet bearer" and so on, as a
subset of the above, because, as a business definition, if it didn't run on
TCP/IP we didn't want to play there. (Hence the company name "Internet
Bearer Underwriting Corporation". :-)) And, of course, TCP/IP is trending
toward ubiquity, even now.
Finally, while we're defining things, it's the *asset* which is in bearer
form, something which is impossible to do in the book-entry world. Some
people, particularly cryptographers who are otherwise afraid of
blind-signatures for whatever reason, political or otherwise, say that
digital bearer protocols are "not bearer", because offline transactions
permit double spending, or only prove double spending after the fact, that
certificates have to be redeemed/reissued on-line to categorically prevent
double-spending, and they're wrong. Or at least they frame the issue the
wrong way and miss the point.
It's not the offline/online characteristics of the certificates themselves,
the cryptographic glops that move around the net like coins or notes
without the normal use of transaction databases that are the issue. It's
the *anonymity* of the protocol that makes the asset controlled by a
digital bearer financial cryptography protocol a, um, bearer asset --
though saying "bearer asset" too fast makes for humorous
pseudo-malapropism. :-).
Okay, if you're afraid, these days, of the word "anonymity", try
identity-orthogonality, or something equally multisyllabic. The point is,
you don't *need* identity to execute, settle and clear the transaction,
like we do with the book-entry transaction settlement status quo -- which
is why you can't have an anonymous book-entry transaction, even in
Switzerland. Or Liechtenstein. Or Luxembourg. Or Vanuatu. Or, apparently
lately, Singapore.
And, obviously, any decent network traffic analyst worth his salt is going
to see which IP address talks to whom on the net, so "anonymity" is a
rather loose concept, from a security standpoint, at the very least.
A literal definition of *a*-nonymity, if you will. Kind of like *a*-moral
versus *im*-moral, is where I'm going with this, anyway, in the same sense
that a car is a-moral, and cannot be im-moral or moral, for that matter.
It's also why I think that ultimately digital bearer transactions will be
cheaper than book-entry transactions in the long run: the price of
identity, in the raw transaction cost of increased security itself, is too
high, particularly as transaction cycle-time falls toward zero.
Cheers,
RAH
Who was down for most of four days and had to rebuild his server from
scratch this weekend due to a purely software-semantic issue and the
inability to have the right hardware on line to recover with. Backup is
your friend. :-). On the other hand, I have a terabyte external drive now,
which is cool, not to mention pretty cheap, bringing
shipwright/philodox/ibuc et al. up to 2TB in all, as I seem to have been
acquiring hard drives in a byte-wise semi-log series. As Mr. Mhyrvold once
observed, software is, indeed, a gas.
--
-----------------
R. A. Hettinga