At 4:20 PM 01/06/95, Nathaniel Borenstein wrote:

Yes, it is is true that if digicash starts working for real money, it will answer your objections quite nicely. However, there are lots of objections to that sort of system, too, they're just different ones. As both the FV and Digicash folks have pointed out many times, we have very different technologies that fill very different requirements, it's not an either/or choice. I think you could build interesting anonymous remailers on each system, too. -- Nathaniel

Try to bring up objections to a digicash-style system that are applicable to remailers. I agree that they are different technologies that fill different requirements, but it seems to me that the particular requirements of a remailer system are only met by a digicash/magic money style technology. I think an electronic cash system that will work with remailers, must satisfy these things: 1) You need to be able to enclose the "signifyer" of the transaction inside encryption. Whether the "signifyer" is the cash itself, or an agreement to make a transaction together with a billing number, or whatever, you need to be able to enclose it in a PGP (or other arbitrary PKE protocol) encrypted block. 2) The "signifyer" of the transaction (which again might theoretically be the cash itself, or some kind of billing number) alone shouldn't be enough to reveal the identity of the anonymous user. Number two up there is what most of us _mean_ by "anonymous digital cash", and FV simply doesn't meet it. FV might be perfectly adequate in some circumstances, but it doesn't meet that requirement, and many of us aren't going to feel comfortable using a system to pay for remailer access (among other things, certainly, but remailer access is something that is worthless without anonymity) that doesn't fulfill that requirement. If the "signifyer" alone can be used to determine who I am, even if it takes the collusion of FV and a remailer op, I'm not comfortable with that. Number One is neccesary for the ecash protocol to work within the remailer framework effectively; I've got to send each remailer it's payment within an "envelope" that no one else can penetrate. The use of an ecash payment system which doesn't meet these two requirements can't help but _lessen_ the security of the current conglomeration of remailers. Which is unacceptable to me. Remailers should be trying to approach the goal of ensured secure anonymity, and requiring payment by an ecash system which doesn't meet those two requirements would seem to be retreating from that goal, in a rather dificult to reverse manner.