wcs@anchor.ho.att.com wrote:

Tim and Eric write things like:

...

I fully concur. The connotations of the word "haven" imply activities that ordinary people don't see themselves doing. This means that ordinary people won't generally use something called a "haven", even if they might use exactly the same service called something else.

We can always call them "Private Storage Servers" or some such; an interesting question is whether the main uses will be for retrieval by the storer, or by someone else, or by a bunch of others, and how we describe the service may affect that.

To coin a phrase, I fully concur. A taxonomy of services like this is needed. I was talking to some recently about dat havens/vaults/U-STOR-ITs, and it was once again clear that our language is imprecise. Also, that who the probably customers are, and how much they'll be willing to pay, is unclear. The "U-STOR-IT" model, similar to train lockers, safe deposit boxes, storage lockers, etc., is fairly well protected, legally and socially. Even though illegal things are often stored in such places, they haven't been banned. (And last time I was in Europe, train lockers were ubiquitously used, even in these terrorist times.) But make the storgage locker accessible to many people, and watch what happens. (I can't recall a good case on this, but I'm sure such "dead drops" would not go unscathed.) For example, the U-STOR-IT model applied to data is already common: remote backups, courier services that pick up DAT backups everyday, etc. But announce a site is for the anonymous storage and retrieval of files, a la storing commerical software, and watch for fireworks! (The recent outcome in the LaMacchia case notwithstanding....) Of course placing such sites outside the U.S. is one approach. Placing them at the end--or somewhere-- of a chain of remailers is another approach. The message pool approach used for BlackNet says that the site need not even be traceable: just encrypt once or twice (once to keep the contents secret, another to encrypt to BlackNet's public key) and put it into a message pool or other publically readable place. Then BlackNet grabs it, untraceably, and decrypts it, extracts its digital money storage fee, and holds the file. When a suitably-signed "storage receipt" is posted publically, BlackNet encrypts the file to the public key provided, and posts the file. Simple, eh? (Newcomers are likely to ask at this point: "But what's to keep BlackNet from cashing the digital money and then not sending the file out?" First, the encrypted data is of no use to BN, so the marginal value to them is nil. Second, potential customers will likely test the service with dummy files, etc. Third, reputations do matter.) But of course the taxonomy needs to be done by anybody seriously planning such a thing, and careful analysis of weaknesses and attacks should be done. (By the way, I've been remiss in not congratulating relative newcomer to the list, Wei Dai, for his insightful work on traffic analysis of remailers. It's the kind of work Hal Finney and Matt Blaze, and others, have long been doing, and I find it very encouraging. I'm not trying to sound judgmental here, just saying some of us appreciate this kind of detailed analysis. Much more is needed.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo@toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay