On Friday, November 30, 2001, at 01:56 PM, Wei Dai wrote:
On Fri, Nov 30, 2001 at 04:28:58PM -0500, Adam Shostack wrote:
Following which, Alice pulls out the pre-dated revocation certificate, and generates confusion as to the validity of Bob's key change message.
I guess we would need a distributed public registry of key change/revocation messages that guarantees only one such message will be posted per key, and any revocation messages not posted to this registry would be ignored.
Again, I don't think reputation capital is the best solution to the problem that it tries to solve. I'm just trying to defend it against the charge that it's a nonsensical idea. I still propose b-money as a better alternative. Maybe Tim has found an even better solution, and if so I certainly look forward to seeing it.
I'm writing a response to your long reply to my long article. (You hadn't responded to my article for some number of days after it appeared, which is fine, but that's why I haven't felt pressured to reply immediately to your reply.) I'll try to get it out later today or tomorrow. But so there's no suspense, I'm not claiming a better cryptographic protocol, certainly not involving distributed key registries for nym reputations. It's that whole approach I'm arguing against. Which I think I argued for reasonably well in the long post. If you or others are not convinced, fine. But I will send off the reply on specific points later, tonight or tomorrow. --Tim May "Dogs can't conceive of a group of cats without an alpha cat." --David Honig, on the Cypherpunks list, 2001-11