Re: Ross's TCPA paper
A pseudonym that I can give up at will and that can never afterwards be traced to me is equivalent to an anonym. I'm not suggesting that anonymity be outlawed, or that every merchant be required to reject anonymous or pseudonymous customers. All I'm suggesting is that "small" merchants MUST NOT be required to accept such customers. On Sun, Jun 30, 2002 at 08:38:29AM -0700, bear wrote:
On Sun, 30 Jun 2002, Barney Wolff wrote:
The trouble I have with this is that I'm not only a consumer, I'm also a merchant, selling my own professional services. And I just will not, ever, perform services for an anonymous client. That's my choice, and the gov't will take it away only when they can pry it from my cold dead fingers. :)
Are you one of those who makes no distinction between anonymity and pseudonymity? 'Cause I've been talking about pseudonymity, and all your answers have been talking about anonymity.
Bear
-- Barney Wolff I never met a computer I didn't like.
On Sun, 30 Jun 2002, Barney Wolff wrote:
A pseudonym that I can give up at will and that can never afterwards be traced to me is equivalent to an anonym.
Actually, I don't have a problem with it being traced afterwards, if a crime has been committed and there's a search warrant or equivalent to trace it in order to further the investigation of a specific crime. And that's a pseudonym, not anonymity. My problem is that if merchant's information is easily linkable, or if several merchants have access to the same linkable field, then privacy is out the window. It's reasonable for a merchant to know every deal I've ever done with him (pseudonymity). It's not reasonable for a merchant to know nothing at all about my past dealings with anyone including himself (anonymity) nor for a merchant to know every deal I've done in my life, with everyone (marketing databases based on linkable ID's). Ray
Barney Wolff wrote:
A pseudonym that I can give up at will and that can never afterwards be traced to me is equivalent to an anonym.
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition.
There's no way to link the behavior of one event that an "anonym" causes to
any other event that that "anonym" might, or might not, have caused. If the
events are linkable to the same signing key, which is what we mean
reputation in cypherspace, then you have a pseudonym.
I do agree that a perfect pseudonym is functional anonymity, however, in
the meatspace, is-a-person, biometric identity sense of "anonymity".
Which points up the main flaw in book-entry content settlement/clearing
schemes like the one that Microsoft/WAVE is trying to pull off. If were
just possible to pay *cash* for *bits*, you don't care *who* bought your
bits, and, frankly, it's not only cheaper, it is, as we will find out soon
enough, impossible to do any other way at the anywhere near the actual cost
of transporting bits across the net.
I leave following that logical thread back to a recursive cash-settled
auction market for content, and the resulting income increase to *creators*
of content mostly at the expense of *distributors* of content :-), as an
exercise for the reader...
Like others, I'm practically praying that Microsoft actually tries to paint
this Escher picture of a financial Russell's paradox. The longer that
Microsoft, the content distributors, and, unfortunately, the financial
community, though learning has to occur sometime, persist in making a
"rights" "management" system which attempts to be both consistent and
complete, the more money other people will make getting a mostly-anonymous
cash-settled bits-on-the-wire content system up and running.
The price of the financial cryptography engineering is falling through the
floor as we speak. Sooner or later, it's just going to happen.
Then things will get interesting.
Cheers,
RAH
--
-----------------
R. A. Hettinga
anonym n : "Mr. and Mrs. John Smith" when signed in a motel register. On Sun, Jun 30, 2002 at 09:55:58PM -0400, R. A. Hettinga wrote:
More to the point, there is no such "thing" as an "anonym", by definition.
-- Barney Wolff I never met a computer I didn't like.
At 11:30 PM -0400 on 6/30/02, Barney Wolff wrote:
anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.
No. Pseudonym(s). Subclass "Alias".
An anonym (literally, "no name", right?) is not signing the book at all,
and, thus, as "nyms" go, can't exist except in your mind. Somewhere St.
Anselm is smiling...
I'd be tempted to say that an anonym is it's own antinym and thus can't
exist, but that, as James Coburn said in a movie recently, would be just
plain mean...
:-).
Cheers,
RAH
--
-----------------
R. A. Hettinga
R. A. Hettinga wrote:
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition.
Hmm. So present the appropriate definition? Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
My use of "anonym" was a joke. Sorry if it was too deadpan. But my serious point was that if a pseudonym costs nothing to get or give up, it makes one effectively anonymous, if one so chooses. On Mon, Jul 01, 2002 at 11:37:28AM +0100, Ben Laurie wrote:
R. A. Hettinga wrote:
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition.
Hmm. So present the appropriate definition?
-- Barney Wolff I never met a computer I didn't like.
Barney Wolff wrote:
My use of "anonym" was a joke. Sorry if it was too deadpan. But my serious point was that if a pseudonym costs nothing to get or give up, it makes one effectively anonymous, if one so chooses.
Well, yeah, I'd say that single-use pseudonyms are, in fact, the definition of anonyms. Zero cost is not required, of course, except to make anonymity, err, zero cost. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 11:37 AM +0100 on 7/1/02, Ben Laurie wrote:
Hmm. So present the appropriate definition?
Well, like I said, (and to be completely pedantic about it :-)), it
seems to me that logically there's no such thing as an "anonym" even
though you could do pseudonymous things that are, prima facie, and
probably functionally, anonymous.
The closest thing might be a string of single-use keys, pseudonyms,
as we've said, or, in the "Mr. and Mrs. Smith" of motel register fame
(or user "cypherpunks", password "writecode"), everyone using the
same key, to using a key, or name as we (and now a dictionary
somewhere, though my spell-check dictionary flags it :-)), have also
said, is to create an *alternate* name or key for yourself, which is,
by definition, a pseudonym, even if it is used once, and unlinked to
any other event somehow.
And, to throw a curve into the whole discussion, there's also the
"fist" everyone uses on the net, like the fist that people had when
keying Morse Code. Or, more recently, the words, syntax, semantics,
"concordance", whatever, that they use when writing or talking. That
stuff has has been used in literature -- to apparent lesser effect
more recently with Shakespeare, and to greater effect with Joel
Klien, for instance. Or the way we buy or things in an electronic
market, or by mousing around the web. That kind of stuff, as Carl
Ellison has noted, is probably as good a biometric as there might
ever be, given enough data, so certainly a persistent pseudonym can't
be anonymous in the sense of unlinked behavior to itself. Frankly,
since we still live in a world of physical IP addresses, and
apparently, given the ZKS experience, a still uneconomical way of
mixing those addresses, traffic analysis, as usual, is still quite a
bitch.
Only when we can change the economics of pseudonymity will we have
anything approaching anonymity, in other words. If it's cheaper to do
things anonymously -- especially financial things, which are at the
core of most traceable, most linkable, literally "accountable",
"transparent" activity, right now -- then we'll get closer and closer
to anonymity.
So, maybe there isn't such a "thing" as an anonym, even though we
know what anonymity is. We can make generalizations about anonymity
all the time. The ultimate generalization being that anonymity, like
security and cryptography themselves, is more of an economic
asymptote than anything else. Something like perfection; as Anselm
said in trying to prove the existence of God before the concept of
calculus and limits would have shown him the error of his ways :-),
something that we can conceive in our mind, if not actually see in
reality. We can probably get close enough to be free, however, even
in a world of ubiquitous optical supervision of private property.
Dramatically freer than we are now, certainly, which is all that
matters.
Cheers,
RAH
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.5
iQA/AwUBPSBYzMPxH8jf3ohaEQKAVACfYeUm0QMu3PIcj9IacILb4S5t87AAoIZJ
B51jtZMJN0l+bOITjKVqK5Rn
=dZrT
-----END PGP SIGNATURE-----
--
-----------------
R. A. Hettinga
participants (4)
-
Barney Wolff -
bear -
Ben Laurie -
R. A. Hettinga