Re: patent free(?) anonymous credential system pre-print
Stefan Brands writes regarding http://eprint.iacr.org/2002/151/:
The paper shows some promise but, apart from being insecure, has other drawbacks that should be addressed:
... My work... introduced by myself... my MIT press book...
In addition to various other drawbacks pointed out by of Dr. Adam Back (see www.mail-archive.com/cypherpunks-moderated@minder.net/msg02752.html), the proposal does not offer a wallet-with-observer mode, discarding protection, anonymous recertification / updating, multi-application certificates, etcetera.
And balanced against all these numerous shortcomings, there is one inescapable, overwhelming fact: THE AUTHORS ARE MAKING THE FRUITS OF THEIR LABOR AVAILABLE FREELY FOR THE WORLD TO USE. With all of your patents, and your writings, and your self-promotion, how many people are using your certificates in the real world? Think how much you could have accomplished, how much of a difference you could have made, if you had been willing to sacrifice the hope of great riches. Instead you have followed in the footsteps of your mentor Chaum, and both of you have withheld your talent from the world. What is it about cash and credential systems that everyone who works in the area thinks they should patent their results? All you have accomplished is to make sure that no implementations exist! What good are your great ideas if no one can use them? Look at Chaum! Is that where you want to be in 20 years? Bitter and barren? Cut off from the cryptographic community? Reduced to publishing via the government patent office? That's no life for a great mind. Creativity demands interaction with an active and vital intellectual community. You have to give in order to take. Building walls around your intellectual property shuts others out even as you shut yourself in. If you really want to accomplish something meaningful, rather than continuing to hype and shill for a system which no one can use without entering into delicate financial negotiations, why not make it available on some basis for people to experiment with? Maybe a non-commercial, open-source GPL implementation could be a starting point. There is considerable interest in reputation systems among the P2P community and credentials could be a part of that. You can still protect your commercial interests while letting people get familiar with the technology by making a non-commercial library available. That's just one possibility. The point is, your ideas are going nowhere using your present strategy. Either this technology won't be used at all, or inferior but unrestricted implementations will be explored, as in the recent work. If you want things to happen differently, you must change your strategy.
participants (1)
-
Nomen Nescio