Re: Ross's TCPA paper
A pseudonym that I can give up at will and that can never afterwards be traced to me is equivalent to an anonym. I'm not suggesting that anonymity be outlawed, or that every merchant be required to reject anonymous or pseudonymous customers. All I'm suggesting is that "small" merchants MUST NOT be required to accept such customers. On Sun, Jun 30, 2002 at 08:38:29AM -0700, bear wrote:
On Sun, 30 Jun 2002, Barney Wolff wrote:
The trouble I have with this is that I'm not only a consumer, I'm also a merchant, selling my own professional services. And I just will not, ever, perform services for an anonymous client. That's my choice, and the gov't will take it away only when they can pry it from my cold dead fingers. :)
Are you one of those who makes no distinction between anonymity and pseudonymity? 'Cause I've been talking about pseudonymity, and all your answers have been talking about anonymity.
Bear
-- Barney Wolff I never met a computer I didn't like.
On Sun, 30 Jun 2002, Barney Wolff wrote:
A pseudonym that I can give up at will and that can never afterwards be traced to me is equivalent to an anonym.
Actually, I don't have a problem with it being traced afterwards, if a crime has been committed and there's a search warrant or equivalent to trace it in order to further the investigation of a specific crime. And that's a pseudonym, not anonymity. My problem is that if merchant's information is easily linkable, or if several merchants have access to the same linkable field, then privacy is out the window. It's reasonable for a merchant to know every deal I've ever done with him (pseudonymity). It's not reasonable for a merchant to know nothing at all about my past dealings with anyone including himself (anonymity) nor for a merchant to know every deal I've done in my life, with everyone (marketing databases based on linkable ID's). Ray
Barney Wolff wrote:
A pseudonym that I can give up at will and that can never afterwards be traced to me is equivalent to an anonym.
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition. There's no way to link the behavior of one event that an "anonym" causes to any other event that that "anonym" might, or might not, have caused. If the events are linkable to the same signing key, which is what we mean reputation in cypherspace, then you have a pseudonym. I do agree that a perfect pseudonym is functional anonymity, however, in the meatspace, is-a-person, biometric identity sense of "anonymity". Which points up the main flaw in book-entry content settlement/clearing schemes like the one that Microsoft/WAVE is trying to pull off. If were just possible to pay *cash* for *bits*, you don't care *who* bought your bits, and, frankly, it's not only cheaper, it is, as we will find out soon enough, impossible to do any other way at the anywhere near the actual cost of transporting bits across the net. I leave following that logical thread back to a recursive cash-settled auction market for content, and the resulting income increase to *creators* of content mostly at the expense of *distributors* of content :-), as an exercise for the reader... Like others, I'm practically praying that Microsoft actually tries to paint this Escher picture of a financial Russell's paradox. The longer that Microsoft, the content distributors, and, unfortunately, the financial community, though learning has to occur sometime, persist in making a "rights" "management" system which attempts to be both consistent and complete, the more money other people will make getting a mostly-anonymous cash-settled bits-on-the-wire content system up and running. The price of the financial cryptography engineering is falling through the floor as we speak. Sooner or later, it's just going to happen. Then things will get interesting. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
anonym n : "Mr. and Mrs. John Smith" when signed in a motel register. On Sun, Jun 30, 2002 at 09:55:58PM -0400, R. A. Hettinga wrote:
More to the point, there is no such "thing" as an "anonym", by definition.
-- Barney Wolff I never met a computer I didn't like.
At 11:30 PM -0400 on 6/30/02, Barney Wolff wrote:
anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.
No. Pseudonym(s). Subclass "Alias". An anonym (literally, "no name", right?) is not signing the book at all, and, thus, as "nyms" go, can't exist except in your mind. Somewhere St. Anselm is smiling... I'd be tempted to say that an anonym is it's own antinym and thus can't exist, but that, as James Coburn said in a movie recently, would be just plain mean... :-). Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
R. A. Hettinga wrote:
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition.
Hmm. So present the appropriate definition? Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
My use of "anonym" was a joke. Sorry if it was too deadpan. But my serious point was that if a pseudonym costs nothing to get or give up, it makes one effectively anonymous, if one so chooses. On Mon, Jul 01, 2002 at 11:37:28AM +0100, Ben Laurie wrote:
R. A. Hettinga wrote:
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition.
Hmm. So present the appropriate definition?
-- Barney Wolff I never met a computer I didn't like.
Barney Wolff wrote:
My use of "anonym" was a joke. Sorry if it was too deadpan. But my serious point was that if a pseudonym costs nothing to get or give up, it makes one effectively anonymous, if one so chooses.
Well, yeah, I'd say that single-use pseudonyms are, in fact, the definition of anonyms. Zero cost is not required, of course, except to make anonymity, err, zero cost. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 11:37 AM +0100 on 7/1/02, Ben Laurie wrote:
Hmm. So present the appropriate definition?
Well, like I said, (and to be completely pedantic about it :-)), it seems to me that logically there's no such thing as an "anonym" even though you could do pseudonymous things that are, prima facie, and probably functionally, anonymous. The closest thing might be a string of single-use keys, pseudonyms, as we've said, or, in the "Mr. and Mrs. Smith" of motel register fame (or user "cypherpunks", password "writecode"), everyone using the same key, to using a key, or name as we (and now a dictionary somewhere, though my spell-check dictionary flags it :-)), have also said, is to create an *alternate* name or key for yourself, which is, by definition, a pseudonym, even if it is used once, and unlinked to any other event somehow. And, to throw a curve into the whole discussion, there's also the "fist" everyone uses on the net, like the fist that people had when keying Morse Code. Or, more recently, the words, syntax, semantics, "concordance", whatever, that they use when writing or talking. That stuff has has been used in literature -- to apparent lesser effect more recently with Shakespeare, and to greater effect with Joel Klien, for instance. Or the way we buy or things in an electronic market, or by mousing around the web. That kind of stuff, as Carl Ellison has noted, is probably as good a biometric as there might ever be, given enough data, so certainly a persistent pseudonym can't be anonymous in the sense of unlinked behavior to itself. Frankly, since we still live in a world of physical IP addresses, and apparently, given the ZKS experience, a still uneconomical way of mixing those addresses, traffic analysis, as usual, is still quite a bitch. Only when we can change the economics of pseudonymity will we have anything approaching anonymity, in other words. If it's cheaper to do things anonymously -- especially financial things, which are at the core of most traceable, most linkable, literally "accountable", "transparent" activity, right now -- then we'll get closer and closer to anonymity. So, maybe there isn't such a "thing" as an anonym, even though we know what anonymity is. We can make generalizations about anonymity all the time. The ultimate generalization being that anonymity, like security and cryptography themselves, is more of an economic asymptote than anything else. Something like perfection; as Anselm said in trying to prove the existence of God before the concept of calculus and limits would have shown him the error of his ways :-), something that we can conceive in our mind, if not actually see in reality. We can probably get close enough to be free, however, even in a world of ubiquitous optical supervision of private property. Dramatically freer than we are now, certainly, which is all that matters. Cheers, RAH -----BEGIN PGP SIGNATURE----- Version: PGP 7.5 iQA/AwUBPSBYzMPxH8jf3ohaEQKAVACfYeUm0QMu3PIcj9IacILb4S5t87AAoIZJ B51jtZMJN0l+bOITjKVqK5Rn =dZrT -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
participants (4)
-
Barney Wolff -
bear -
Ben Laurie -
R. A. Hettinga