--- begin forwarded text X-Sender: rah@pop.sneaker.net (Unverified) Mime-Version: 1.0 Date: Thu, 30 Apr 1998 17:50:18 -0400 To: e$@vmeng.com From: Robert Hettinga <rah@shipwright.com> Subject: db$: The Wright Brothers vs. Chixalub Sender: <e$@vmeng.com> Precedence: Bulk List-Subscribe: <mailto:requests@vmeng.com?subject=subscribe%20e$> --- begin forwarded text X-Sender: rah@pop.sneaker.net (Unverified) Mime-Version: 1.0 Date: Thu, 30 Apr 1998 15:26:30 -0400 To: Digital Bearer Settlement List <dbs@philodox.com> From: Robert Hettinga <rah@shipwright.com> Subject: db$: The Wright Brothers vs. Chixalub Sender: <dbs@philodox.com> Precedence: Bulk List-Subscribe: <mailto:requests@philodox.com?subject=subscribe%20dbs> X-Web-Archive: http://www.philodox.com/dbs-archive/ You might notice that the tag on this one says "db$". That's to differentiate it from my "e$" rants, which might be more general than ones like this one, which is on digital bearer settlement. I think there is lots of talk about electronic commerce and e$ these days from whole bunches of people, and, as a consequence, my interest in it has focused more onto the issue of digital bearer settlement. You'll probably be seeing more db$ tags than e$ tags on my rants going forward. All of which brings me to some obversations I've been making in public about blind signatures lately, and the excellent time I had at Ed Yeardon's Cutter Consortium "Summit" conference the past few days. Let's start with yet another aviation analogy about Digicash, shall we? :-). Remember, I like to do that. Once I compared privacy to flight, and said that, like flight, lots of people had died getting strong cryptography to work, and that privacy itself was an inherent good. The thing which actually got people to use the technology, however, was its commercial value. It wasn't the joy of flight or slipping the surly bounds of earth at Kitty Hawk that got people into the air, it was coach fare to Dayton. It was digital commerce, and thus financial cryptography, which created the most privacy. Digital Commerce is financial cryptography, financial cryptography is strong cryptography, and all that. Then there's my analogy of book-entry settlement as Boyle's law (partial pressure of gasses?) and strong crypto, particularly digital bearer settlement, as Bernoulli's law, the law describing aerodynamic lift. Essentially you can think of cryptography and bearer settlement as wings, and book entries as, well, bags of gas. :-). Thinking this way, with commerce on the internet as flight, First Virtual becomes a tethered baloon. Encrypting your First Virtual transaction makes it an aerodynamic barrage balloon. Encrypting a credit card in an SSL web-form is flying around on a Zeppelin. And, David Chaum becomes the Wright Brothers for inventing the airplane. I used to say "Or maybe Otto Lillenthal" under my breath to get a laugh, but now, I know exactly why David Chaum is the Wright Brothers. That's because Digicash *is* The Wright Flying Machine Company, or whatever the Wright's subsequent enterprise was called. It seems to me that Digicash's strategy with the blind signature is a dead ringer for the Wright Brothers' control of the airplane patent. Here's why: 1. In the beginning, nobody believed that the Wright brothers could fly, and they had to take the airplane to Paris and demonstrate it there before anyone in the US thought it was true. Digicash did the same thing. Actually, the NSA created a positively hostile environment here in the USA for cryptography, financial or otherwise, and that forced David Chaum to go to the Netherlands, where there was a more positive reception for his work. 2. Then, nobody could think about what you could do with airplanes, and the Wrights foundered for a bit.. Same thing with Chaum, Digicash, and the blind signature patent. The commercial internet didn't exist yet in 1986, and blind signatures were conceived as useful only in smartcards, which were just being experimented with. Digicash was going to be used in physical electronic wallets, and maybe in transponders at the gates of toll roads. The CAFE project was an example of this meat-space ecash strategy. It wasn't that Chaum didn't think about the internet. Far from it. He invented digital mixes, after all, which became the basis for anonymous remailers, onion routers, CROWDS, and the like. He just didn't look at blind signatures from the financial operations point of view and see digital bearer settlement, that's all. He was thinking privacy, and not financial operations, just like the Wrights were thinking flight, and not high-speed transportation. 3. The entire time they held the patent, the Wrights only really wanted to sell airplanes to governments, because they wanted to sell to a few large stable customers instead of small entities who would probably go out of business. Digicash, to this day, tries to sell to big institutions. Their now mostly internet-driven digital cash stategy is to create the financial equivalent of Alfred Nobel's dynamite cartel, where one bank in each country gets an ecash license, hopefully the largest bank possible. Mark Twain in the US was a proof of concept, if not an act of desperation on Digicash's part, but it did lead to exclusive (I bet) country-wide licences with Nomura, Deutchebank, the Swedish Post office, and others. There was talk at FC98 that Digicash received $1 million a month from Deutchebank just for the *option* on a Germany-wide license. I think they've now exercised that option. Frankly, I find this geographic, paint-by-the-nation-state approach quaint in a world of ubiquitous geodesic internetworks, but there it is, and it effectively prevents other people from doing anything innovative with blind signatures in the meantime. Monopolies on information technologies kind of work that way. Dogs and mangers come to mind, and not for the first time. 4. The Wrights, when they thought about the transportation business at all, thought about it in terms of "rides" instead of "trips". Digicash isn't really looking at the applications of their technology to anything except its original designed purpose, that is, cash. There are some leaks around the edges, of course. Nomura seems to be looking at blind signature digital bearer settlement as a real-time gross-settlement technology, with some kind of private, kiretsu-cash idea. Digicash people used to give you a shocked "how did you know that already" look when you talked to them about the painfully obvious potential use of blind signatures in the capital markets. However, I'm certain that Digicash thinks that capital market use of blind signature digital bearer settlement is a pipedream and that they'd better focus on the main chance, which is ecash. Preferrably electronic wallet-based ecash issued by a major bank. In competition with book-entry settlement, in book-entry settlement's own turf. Go figure. 5. Finally, the only innovation in the American aircraft market in the age of the Wright patent came from that famous airplane "infringer", Curtis, who didn't give a damn about patents and built airplanes anyway. Much better airplanes, in fact, which the Wrights eventually took him to court for, forcing Curtis to merge with the Wrights. Fortunately, European evolution in aviation continued apace, giving us the aviation equivalent of the Pre-Cambrian explosion, culminating in the names we all remember from World War I like Sopwith, Spad, Dornier, and, of course, Fokker. The problem is that there's no Curtis to infringe on the blind signature patent, because you can't hook up to the financial system from the internet -- land yur plane in other words -- without clear rights to use it. The banks where you move money on and off the net from would get sued. Unless they're in places like South Africa, where software patents don't matter, or Russia, where they're probably uninforceable. Places which have their own problems, not the least of which is poor internet access, poor financial network connectivity (something like Cirrus on the back end of a trustee/custodian would be, um, NYCE :-)), and, not least, poor impulse control by the local force merchants, monopolistic or otherwise. Tax havens don't even count. The very definition of a tax haven is someplace with a bandwidth and regulatory gravity well to keep it safe from any kind of market efficiency. A return to some kind of "Europe" for that hoped-for explosion of blind signature evolution could still be happening on the internet anyway. Certainly, with smart and tenacious people like Ian Goldberg designing HINDE and Ryan Lackey bashing on a reference version of it, one could certainly try to argue this, but there's no money doing this stuff right now (unless you count first-class upgrades to Anguilla or free nights in the InterIsland), much less something like the First World War to forge that innovation into a robust replacement for the book-entry economy. Which, thinking thinking of robustness, brings me to what I've been doing the last few days. Pete Loshin, former editor at Byte, former writer of various excellent how-to books on networking and one of the first surveys of internet commerce (and one of the founding members of the Digital Commerce Society of Boston, I might add, :-)), is now editor of Cutter Publications' "Corporate Internet Strategies" newsletter, which used to be edited by Ed Yourdon, of American Programmer, Y2K, and much other, fame. So, when they needed someone on a panel about electronic commerce at Cutter's "Summit" conference at the Boston Harbor Hotel's Wharf Room facility this week, someone controversial, they said, Pete said he knew exactly who to throw into the fray. It was fun, too. There, in front of a room full of senior IT managers from big companies and Famous Computer Guys, sitting on a panel on Internet Commerce, was one of Fidelity's Famous Computer Guys himself, now running their web technology department. And Pete. And Fidelity's retail web-marketing guy, and me. Fidelity has 900 billion dollars under management. 60% of their customer interaction now comes from the web. The ganglia twitch. Dropping that $100 billion 1997 internet transaction number, and saying that it was three orders of magnitude over the estimate didn't faze these guys. They had seen it happen. In addition, all of the people with websites I talked to said that they used SSL to interact with their customers. Almost all of them said that they used 128 bit encryption. The Mssrs. Fidelity faintly crowed about the fact. Digital Commerce is Financial Cryptography, so what else is new? Then, of course, I threw the whole geodesic economy, digital bearer settlement rant at them, right down to the picomoney as processor food, micromoney mitochondria bit. And, of course, they all stood up and threw their dinner rolls at me. It was great. That's because I'd been throwing my own dinner rolls, and I'd been been hinting what I was going to say all week. They even encourage you to heckle the speakers back with a liberal sprinkling of wireless mikes around the room. So every once in a while, I'd pop off with comments like intellectual property control was impossible, that watermarking only told you who the code was stolen from not who stole it. Or, why not have cash auctions for programming deliverables instead of top-down project management, Or, emergent processes for software were always going to beat "controlled" processes, Or, passing programmer certification laws in the wake of whatever Y2K thing happened would be impossible to enforce in a world of those same anonymous cash settled markets for programming talent. I even pointed them to the forum-hackers list as proof. One of my favorite gybes while I was up on the podium to the Fidelity marketing guy -- who's a nice guy but who's also fighting like crazy right now to drag Fidelity up the "quality service differentiation" ladder because Fido can't play least-cost-producer anymore in an eTrade world -- was my claim that eventually most so-called "branded" products would be reduced to graded fungible commodities, and that the more dependant a business was on information technology, the faster it would happen to them. Orthogonality is always more fun than the alternative. And you get lots of free dinner rolls. And, of course, after the digital commerce panel and lunch, Ed Yourdon wrapped it all up with his scary Y2K rant, followed by an appropriately scary bunch of panelists telling us just how scary all theis Y2K stuff really was, that Ed had gotten himself on down to Taos, complete with his own water supply, and that denial was when you lied to yourself and believed it. Or something. All of which I now believe more of, just because all these grey-haired programming aristocrats were nodding sagely about this prospect of impending doom for us all. Frankly, most of the people who've yammered at *me* about Y2K were either loons who hoped it would All Fall Down Someday Soon, or people like Vinnie, who think it's a good idea, if not fun, to know what to do if it ever does all fall down, but that praying for it wasn't going to make it so. I'd like to think I'm one of the latter. The other problem is, I've seen the end of the world coming before. Even predicted it myself on occasion. Haven't been able to reduce it to practice, yet, though. That's the reason Gibbon's in my .sig these days. So, let's get back to Digicash and the Wright Brothers. After hanging out with a whole bunch of top-down monolithic-system gurus and Y2K folks yesterday, it seems plausible. And, I'm certain there are lots of people out there who know lots about both and who hope that Y2K will be the Chixalub event that will burn off all the database-driven book-entry dinosaur systems and clear the way for a digital bearer mammalian explosion. Frankly, I think we're looking at a brushfire, if anything. The lawn will grow back, but the house won't burn, even if the water does go out for a bit. That's my story, and I'm sticking to it. Remembering, of course, the above bit about denial. But, suppose we *are* talking about the financial equivalent of that great 1970's 30-second short film epic, "Bambi vs. Godzilla", where Bambi is squashed by a giant green foot (oops, I gave away the plot), and the whole financial system goes away for a few days. Or a month. Is there any way to step in with digital bearer settlement as a robust alternative to book-entry funds transfer? Remember the great bank strike in Ireland, where everyone just passed around nth-party endorsed checks like they were money until it was all over? Could we do something like that? Would David Chaum and company let us do that without suing someone for infringement? Could they stop us, if the courts are full of Y2K liability cases? Would the internet still be up? Could we pay our ISPs with digital bearer certificates to keep them up? How about Iridium and Teledesic, which are supposed to be up by then? Once again, ganglia twitch. However, it might be fun to game the idea a bit, just to scare the neighbors. You know, pay ya all back when the banks come up? Well, maybe not. Ed says that the banks, and particularly Wall Street, are the most prepared of any of us. That makes sense. The half life of financial software these days is measured in months. For instance, one of NeXT's biggest markets was in the financial sectors, especially trading rooms, where any prototype which worked was immediately production code. They liked NeXT, despite all its other interesting charistics, because you could do exactly that, and faster than any other development environment. Of course, if anyone's a poster child for "sell Cadillacs, drive a Chevy, sell Chevies, drive a Cadillac", it's Steve Jobs. Of course, he sold NeXTs and got Apples, however that turns out... Still, it might be worth thinking about, trying to route around the book-entry financial settlement system as a pre-disaster exercise. Wright Brothers versus Chixalub, and all that. No, I don't wanna see the movie... Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/ --- end forwarded text ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/ ---------------------------------------------------------------------- Where people, networks and money come together: Consult Hyperion http://www.hyperion.co.uk/ info@hyperion.co.uk ---------------------------------------------------------------------- Full-Strength Cryptographic Solutions for Worldwide Electronic Commerce http://www.c2.net/ stronghold@c2.net ---------------------------------------------------------------------- Like e$? Help pay for it! For e$/e$pam sponsorship or donations, <mailto:rah@shipwright.com> ---------------------------------------------------------------------- --- end forwarded text ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/