No one else's account would be disclosed except to the owner. Handle, hash, or the full key itself is all the same. The point is that some shortened identifer is needed. This is not a technical matter, the customer can cook up anything he wants, There is no relation to the mechanics of PGP, I don't want to bother scanning in and verifying long strings of codes, and I need some short I.D. so the owner can identify his balance for verification (checking balances). There are obviously plenty of fancy variations on this, and I would be happy to set up whatever any body wants. Maybe the easiest way is to setup mail addresses for each depositor of the form: handle_of_depositor@digibank.com. So send signed email to that address, and I will respond with your balance. A couple of other addressees would be used for overall bank status report, and current operating rules. The digital cash account is represented by the escrow balance. If Sam wants me to take his collected funds and turn them into digi-cash, I can sign a voucher that I have segregated X amount of Sam's money into an escrow account pending receipt of the digi-cash voucher and instructions to move the escrow amount elsewhere. This is all that any bank is going to do. Basically, this looks like a very good thing to do. If handled properly and within the banking regulations, it could be a great advance. Does anybody here remember pre-ATM days? Standing in line at the bank to get cash? In 3rd world countries they don't even have checking. This means you have to walk around every month and pay your bills in cash. I haven't been in a bank in years since the ATMs came in. And this is at another, much higher level of abstraction.
address; and offer to accept deposits by cash, check, or what have you. With the deposit, write on it your PGP handle. Email me your public key corresponding to the handle on the deposit.
A better way would be to mail the public key itself, or a short hash of it along with your payment. That is all the information that would be required. A "handle" would be completely optional. If only the hash value is mailed, then the full key can be e-mailed or anonymously posted to a newsgroup that you montitor. If the full key is mailed, you should invest in a scanner and some simple OCR software.
This way, someone may print out the public key and mail it to you.
I will maintain a public list showing handles vs. Amount received, in collection, and in escrow.(Set Subject = "BANK" to get the list)
You should not disclose someone's balance to anyone else, and certainly no to the public. Someone requesting their balance should send the request by any communications channel (anonymous mail, newsgroup, anything) and sign it with the private key corresponding to the public key used when making the deposit. Then you should encrypt your reply (the account balance & any other info) using the public key, and send it back through any channel.
Funds will be paid out based on instructions encyphered with your private key.
I would make it: funds will be transferred based on instructions _signed_ with the private key corresponding to the public key used for deposit.
P.S. this would be equivalent to digital checking accounts. Do not confuse this scheme with the much more interesting Digital Cash ideas.
-- Yanek Martinson mthvax.cs.miami.edu!safe0!yanek uunet!medexam!yanek this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred Phone (305) 765-6300 daytime FAX: (305) 765-6708 1321 N 65 Way/Hollywood (305) 963-1931 evenings (305) 981-9812 Florida, 33024-5819
--