Simple. Once the buyer has the keys she issues an email saying "I'm changing my keys, here's the new public key" and signs it with the old key - thus proving that the nym's original message was valid, thus invalidating the old one. Duh! ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\ \|/ :aren't security. A |share them, you don't hang them on your/\|/\ <--*-->:camera won't stop a |monitor, or under your keyboard, you \/|\/ /|\ :masked killer, but |don't email them, or put them on a web \|/ + v + :will violate privacy|site, and you must change them very often. --------_sunder_@_sunder_._net_------- http://www.sunder.net ------------ On Fri, 30 Nov 2001, Adam Shostack wrote:
On Fri, Nov 30, 2001 at 12:14:13PM -0800, Wei Dai wrote: | On Thu, Nov 29, 2001 at 07:53:02PM -0800, georgemw@speakeasy.net wrote: | > Even this is not a scalar. Since reputation cannot be bought | > and sold, the idea that it is worth a specific well defined amount is | > false. | | If you own a nym, you can easily sell its reputation. Just give the | private key to the buyer.
How does the buyer ensure that I haven't kept a copy? If what I'm selling is a nym, then without the nym, I am anonymous. Adding layers of nymity for reputation with partial disclosure seems a complex and failure-prone approach.
Adam
-- "It is seldom that liberty of any kind is lost all at once." -Hume