A few random points related to messages from the last few days. (First, a "meta" point - whenever I post to this list, I get from 3 to about 10 messages over 2 or 3 days reporting on delivery errors. It would be nicer if these went to someone else. Some of the messages include as many as 20 or 30 names of list subscribers who were apparently included in the same "outgoing batch" as the bounced mail.) On PGP key verification: I understand that Branko hopes to get version 2.1 of PGP out in a week or so. One of the new features will be a mode to display a MD5 hash of each PGP key to facilitate read-aloud over the telephone. This should make it easier to phone-verify PGP keys, so we can have more _good_ sigs. On pseudonyms and reputations: Several people have suggested that it would be easy to conjure up dozens of fake personalities who would then vouch for each other, giving the illusion of a well-founded and trusted pseudonym. This would be ideal for con men and cops. This can be defeated by the use of the is-a-person credential, which Chaum describes in a couple of his papers, including CACM Oct 1985. This is a signed document given by an organization which makes you come in and give your thumbprint. The document is "re-blinded" a la Chaums' proposals for electronic cash, so that there can be no linkage between your is-a-person document and your actual thumbprint. However, the thumbprint makes it so you can't get more than one is-a-person document. Now, when you go to apply for credit, and you say, here are signatures from dozens of people that I've done business with in the past, and I've paid them all off on time, the first thing the creditor is going to ask is, who are all these people? Are they legit? Can you at least show me is-a-person creds on them? You won't be able to. You only have one is-a-person credential, and you can't make more. Again, these credentials do _not_ hurt crypto anonymity. There is no linkage between your credential and anything else about you. On electronic banking: The interesting thing about electronic banking is digital cash. The key feature of digital cash is anonymity of payments. There is nothing subversive about this. Ordinary cash has (nearly) this property. Are you being subversive when you buy a newspaper without paying by check or credit card? Of course not. The point is, we want to use digital payments so that we can transact business over the net. But the more things get computerized, the more possible forms of monitoring there are, by businesses as well as gov- ernments. There's nothing immoral in trying to keep VISA from knowing whom I like to do business with. Digital cash is designed to allow the convenience of electronic shopping, while keeping the privacy of ordinary cash payments. Conceptually, it's a simple idea. Technically, what has to be done to turn an electronic banking proposal such as Don Bellenger's into electronic cash is some way to make it so that withdrawals can't be paired up with deposits. You also need, of course, to prevent cheating such as spending the same piece of cash twice. It's not trivial to meet these requirements. The Chaum proposal I described is the simplest one that I know of that achieves this. On remailers: I haven't yet succeeded in doing a doubly-encrypted remailer test using Bill O'Hanlon's and mine. Once this works, I'll post instructions on how to do this, and possibly a script or two to make it easier. With two encrypted anonymous remailers, you can for the first time send anonymous messages such that no one person can know whom you are sending to. Bill and I would have to collude to find out who sent a particular anonymous message. If more such remailers can start operating, such collusion will become that much more difficult. On John Draper: I just wanted to say publically that the famous "Captain Crunch" was an inspiration to me when I was in college in the 1970's. Although I did not become a "phone phreak" or "cracker" he represented to me the spirit of questioning authority and exploring beyond the accepted bounds of the system. I have followed his career to some extent over the years and I think he has more than paid for any sins he may have committed in his youth. I for one am thrilled to have the idol of my younger days on the list. Hal 74076.1041@compuserve.com