On Wed, 29 Nov 2000 obvious@beta.freedom.net wrote:

The point is, RAH claimed that selling adult verification services using bearer credentials would be safe because, get this, the porn merchants would pay the verification service using anonymous ecash!

Ok, so we've moved the problem of how to turn that number sitting on your PDA into real cash, retaining full anonymity. This is the real heart of the key management issue: It's worth noting that the 'value' of the trust involved in a transaction is inversely proportional to the number of parties involved (at least in the general case). The reason is the concept of 'proof'. Consider that I'm not likely to trust an individual without an arbiter for large transactions. They'd be rather silly to reciprocate. Thus for me to 'prove' that this person buying my boat with the digital cash without some 3rd party is very expensive. So, by injecting a 3rd party who can arbitrate transactions and at the same time distrubite the fixed costs of business outside of the direct transaction fees (if any) across all transactions (thus lowering the users costs) we begin to see a basic system. The idea is that the small number of arbiters cover a large percentage of the market. So, now what's the cost of each arbiter trusting each other? Is it sufficient to stay within the pool of arbiters with respect to inter-arbiter arbitration? What sorts of constraints with respect to 'fairness' algorithms does this impose on the number of arbiters, there clearly must be three (3) but is this sufficient for all transactions? A few of the many questions are: - The 'value' of the digital cash is generally accepted, what sort of 'bolt-on' system would work? We can't lose the existing infrastructure. - It's easily converted to/from other forms of cash. This requires some wide spread arbitration system available when needed. - How do you build a system that will allow arbiter free transactions and at the same time enforce legal/contractual arbitration without involving itself in each transaction to begin with (thus spoiling our arbiter free transaction). [e.g. I don't need to tell Uncle Sam when I buy toilet paper, so I shouldn't have to tell him I don't need him.] - Can be purchased anonymously, but at the same time being able to support a PROVABLE binding between an 'identity' and an an account (and how do we generally blind accounts and then voluntarilly un-blind them as needed?). Not all cases require a provable binding but others will. What this means is that if I'm presented with this key I have a mechanism to prove to my own satisfaction this person is whom they say they are. - Require the arbiter to be responsible financially in the case where they authenticate in error. - Who designs the standards and software? Who do we trust to review and certify the results? How should we indemnify this arbiter of the arbitration software?

First, there is no ecash and so this isn't a reasonable first step towards getting bearer credentials established and in use.

Actually the whole system is going to have to be constructed and dropped into the society pretty much end-to-end complete. It is one of the default costs of entering the market. In for a penny, in for a pound. ____________________________________________________________________ Before a larger group can see the virtue of an idea, a smaller group must first understand it. "Stranger Suns" George Zebrowski The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------