CDR: Hard Shelled ISP?
Would there be a market for someone to create an encrypted-services provider? Would people do this? Here is what I envision, at a cost of something like $10/month. Email accounts that bounce anything not encrypted - either silently or with a message that says "this account accepts only encrypted mail." at the option of the account holder. These accounts are restricted in some way that makes them unattractive to spammers - probably they are able to send no more than 3 or 4 unencrypted emails a day, maybe they are unable to send *any* unencrypted email. Web Hosting strictly via HTTPS. Standard accounts get four or eight kilobytes accessible by http (enough for a redirect), and 100 Megabytes or so of web space accessible by HTTPS. Anonymous accounts. You send a message with a long random key and a few dozen choices for your login name, and a password to use (send via a remailer or whatever) and the provider publishes a webpage with listings mapping keys to login names to tell you what login name you've gotten. The provider holds the name for a couple of weeks. If during that time the provider recieves payment for an account by that name with a that password (say, by cash or bullion via mail or courier, or any of various ecash systems) then the provider creates an account with login, that balance and that password. The provider also publishes a page of login names in use, so you can check to try to avoid collisions. To renew your account, your payment must be sent with your login name and the original payment key. If it can be done legally, the service provider would get a debit card for each account paid more than $200 in advance, and give the card number to the account holder. Then, whatever amount had been prepaid would be available for web purchases, etc. for web merchants with POS stuff. This is a sticking point, and could cause a lot of trouble if any missteps are made. In the worst case, 30% of this money would have to be paid to the IRS - to avoid charges of abetting tax evasion while maintaining client anonymity. (technically, this ought to make the money paid for the service tax deductible, but you could only claim it by revealing your True Name along with proof that you'd paid it -- so clients interested in real anonymity would have to bite the bullet and pay taxes on that money twice). Nice anonymizing web proxy with whatever filters you like, returning whatever CGI information you want it to return. Cookie functioning is selectable by host (so you can, eg, deal with your bank via the proxy if you want). Web proxy is available only via https -- ie, the link between the proxy and the user is *required* to be encrypted. Anonymous encrypted FTP. Two kinds -- one is FTP over SSL, the other is FTP where the file being downloaded is encrypted to start with. There are applications for both. Paying clients could put up a download directory; joe random could download stuff from it. No unencrypted FTP would be available. NNTP over SSL. Not that what's in usenet news is secret, but there's no point in having your reading habits monitored. The basic idea is, there's no point in having *any* unencrypted traffic on a server if you can help it. It ought to be the case that even if a 'carnivore' is installed, there is no unencrypted traffic for it to sniff. I think this is, just barely, feasible. What say you all? Bear
At 11:59 AM -0700 on 10/26/00, Ray Dillinger wrote:
Here is what I envision, at a cost of something like $10/month.
Go find the original archived web page for c2.net? When privacy costs more than no privacy, we have no privacy. Sad, but true. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
At 4:37 PM -0400 10/26/00, R. A. Hettinga wrote:
At 11:59 AM -0700 on 10/26/00, Ray Dillinger wrote:
Here is what I envision, at a cost of something like $10/month.
Go find the original archived web page for c2.net?
When privacy costs more than no privacy, we have no privacy.
Sad, but true.
Oh? "When curtains over windows cost more than no curtains over windows, we have no curtains." "When locks on doors cost more than no locks on doors, we have no locks on doors." ...and so on, for a dozen other obvious examples where "privacy" of one form or another costs more than the alternative of no privacy and yet where some, even many, choose the privacy option. The issue with computers and networks is different for a number of reasons. For one thing, most people have poor understandings of what's happening in networks and systems. They assume someone else is doing something to secure them, or they assume the communications must be too difficult to untangle (that is, they don't understand about sniffers, filters, etc.), and they just don't bother to give it much thought. For another, most people have not themelves experience a security problem. While they understand how neighborhood thieves can break in and steal their stuff, they have no similar experience for their computer data. Unless and until this changes, they just won't care very much. Lastly, there's the insurance issue I've written about several times. As with actual physical safes, the motivation for better safes came from insurance companies. (For the obvious reason that insurance companies are conversant with risk, payoffs, and think in terms of unlikely-but-possible events. This means that Joe Merchant sees a "discounted present value" of buying the better Mossler safe.) Sloganeering is always dangerous. First articulated by Epimenides the Cretin (and Cretan). --Tim May -- ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.
At 5:50 PM -0700 on 10/27/00, Tim May tits a tat or two, in detail...:
When privacy costs more than no privacy, we have no privacy.
Sad, but true.
Oh?
"When curtains over windows cost more than no curtains over windows, we have no curtains."
"When locks on doors cost more than no locks on doors, we have no locks on doors."
<and so on...> Mostly, when I tossed that one off, I was remembering arguments around here -- more than once -- that anonymity, particularly in anonymous transactions, will *always* cost more than non-anonymous ones. Something I dispute rather heatedly, of course, or I wouldn't be spending so much money, or working so hard, these days to prove otherwise... Which, unfortunately for the level of discourse around here, was my point, and I apologize if my brevity caused confusion. So, to put it another way, when privacy is *cheaper*, on a risk adjusted basis, than we'll have privacy, and not much until then. I expect most of us would agree to that, if they thought about it enough. The "risk adjusted" bit is, of course, the most important one, as noted quite comprehensively, in the above response to a fairly simple, albeit catchy, observation. When I'm working on a problem, I never think about beauty. I think only how to solve the problem. But when I have finished, if the solution is not beautiful, I know it is wrong. --R. Buckminster Fuller Sometimes, the "easy" answer is, in fact, the right one. More to the point, it seems to me that complication is usually the handmaiden of misapprehension. There. *That* should stir things up a bit... Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
At 10:38 PM -0400 10/27/00, R. A. Hettinga wrote:
At 5:50 PM -0700 on 10/27/00, Tim May tits a tat or two, in detail...:
When privacy costs more than no privacy, we have no privacy.
Sad, but true.
Oh?
"When curtains over windows cost more than no curtains over windows, we have no curtains."
"When locks on doors cost more than no locks on doors, we have no locks on doors."
<and so on...>
Mostly, when I tossed that one off, I was remembering arguments around here -- more than once -- that anonymity, particularly in anonymous transactions, will *always* cost more than non-anonymous ones. Something I dispute rather heatedly, of course, or I wouldn't be spending so much money, or working so hard, these days to prove otherwise...
But then you are tilting at windmills, as no one who is reputable has made such a claim, that anonymity will always cost more than non-anonymity. Sometimes anonymyity costs something. Sometimes traceability (_non_anonymity) has certain benefits worth trading for. Sometimes security costs a lot, sometimes not so much, sometimes almost nothing. In general, these tradeoffs cannot be boiled down to a simple relationship of "anonymity costs more than nonanonymity." As with the lock example, a lock almost always costs more than no lock. But the costs of having no lock may be much higher. Things should not be reduced to simplicities. --Tim May -- ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.
At 7:51 PM -0700 on 10/27/00, Tim May wrote:
But then you are tilting at windmills, as no one who is reputable has made such a claim, that anonymity will always cost more than non-anonymity.
Actually, Wei Dei, and others of reputation, used to say it here quite frequently... And, no, I don't think I tilt at windmills anymore than than the average cypherpunk. Finally, I think we're both saying the same thing, and you're the one arguing the rather distinctionless difference. viz, At 10:38 PM -0400 10/27/00, R. A. Hettinga wrote:
So, to put it another way, when privacy is *cheaper*, on a risk adjusted basis, than we'll have privacy, and not much until then.
I expect most of us would agree to that, if they thought about it enough.
The "risk adjusted" bit is, of course, the most important one, as noted quite comprehensively, in the above response to a fairly simple, albeit catchy, observation.
...which you seem to have conveniently ignored seemingly to perpetuate the discussion, versus At 7:51 PM -0700 10/27/00, Tim May wrote:
As with the lock example, a lock almost always costs more than no lock. But the costs of having no lock may be much higher.
The cost of anything is the foregone alternative? Nawwwwww... Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
On Fri, 27 Oct 2000, R. A. Hettinga wrote:
Mostly, when I tossed that one off, I was remembering arguments around here -- more than once -- that anonymity, particularly in anonymous transactions, will *always* cost more than non-anonymous ones. Something I dispute rather heatedly, of course, or I wouldn't be spending so much money, or working so hard, these days to prove otherwise...
I've been thinking pretty much the same thing lately. When you do business with someone, you want to know his/her True Name, so that if they 'defect' (ie, take your money on a long trip to the bahamas without delivering the goods, or take your goods on a long trip to the bahamas without giving you the promised money) you can drag their asses into court and get what they promised you. Clearly, there is no such recourse when dealing with a Nym. And the hellish thing about Nyms is, they don't cost anything. If the guy (or gal) steals from you using a Nym, you can spread the word about that nym and trash its reputation. But they don't have to care, because by this time they'll be using another nym. With Nyms, somebody who has ripped off a hundred people for a million dollars each is indistinguishable from someone who's just new to the system. While Nyms have zero cost, they will never simultaneously be in use and have negative reputation. It is also very hard to get a positive reputation with a nym; (switching to didactic mode). Either you are doing a legal business or an illegal business. If you are doing a Legal business: A customer can go to either a nym or a true name. If a customer goes to a nym, there is no legal recourse, but if a customer goes to a true name, there is legal recourse. Therefore it is clearly better for the customer to go to a true name. If you are doing an illegal business: You either do, or do not, create a "reference" as a result of the transaction. If no reference is created, no reputation can be gained. QED. If a reference is created, then it either does, or does not, identify the principals and the deal consummated. If the reference identifies the principals and the deal then it can also be used as conclusive proof in court against them if the owner of either nym is ever discovered. And this is the best kind of "digital reputation" I can find in this system. It will be significant to someone else who has dealt with one of the principals as an introduction to the other, but cannot really be useful beyond that. If the reference does not identify the principals and the deal consummated, then either it does not identify the principals or it does not identify the deal consummated. If the reference does not identify the principals in the deal, then it can be duplicated at will by anyone who creates a few Nyms and puts them through the paces of a few pretended deals, and is therefore meaningless. If the reference does not identify the deal consummated, then it becomes impossible to make judgements based upon it. -- a cocaine dealer with a million-dollar shipment is hardly going to accept a "reference" which might be based on the purchase or sale of a pocketknife. Such references are also meaningless. Bear
Most of these problems are solved by the use of bonds posted by parties. igor Ray Dillinger wrote:
On Fri, 27 Oct 2000, R. A. Hettinga wrote:
Mostly, when I tossed that one off, I was remembering arguments around here -- more than once -- that anonymity, particularly in anonymous transactions, will *always* cost more than non-anonymous ones. Something I dispute rather heatedly, of course, or I wouldn't be spending so much money, or working so hard, these days to prove otherwise...
I've been thinking pretty much the same thing lately. When you do business with someone, you want to know his/her True Name, so that if they 'defect' (ie, take your money on a long trip to the bahamas without delivering the goods, or take your goods on a long trip to the bahamas without giving you the promised money) you can drag their asses into court and get what they promised you.
Clearly, there is no such recourse when dealing with a Nym. And the hellish thing about Nyms is, they don't cost anything. If the guy (or gal) steals from you using a Nym, you can spread the word about that nym and trash its reputation. But they don't have to care, because by this time they'll be using another nym. With Nyms, somebody who has ripped off a hundred people for a million dollars each is indistinguishable from someone who's just new to the system. While Nyms have zero cost, they will never simultaneously be in use and have negative reputation.
It is also very hard to get a positive reputation with a nym; (switching to didactic mode).
Either you are doing a legal business or an illegal business. If you are doing a Legal business: A customer can go to either a nym or a true name. If a customer goes to a nym, there is no legal recourse, but if a customer goes to a true name, there is legal recourse. Therefore it is clearly better for the customer to go to a true name.
If you are doing an illegal business: You either do, or do not, create a "reference" as a result of the transaction.
If no reference is created, no reputation can be gained. QED.
If a reference is created, then it either does, or does not, identify the principals and the deal consummated.
If the reference identifies the principals and the deal then it can also be used as conclusive proof in court against them if the owner of either nym is ever discovered. And this is the best kind of "digital reputation" I can find in this system. It will be significant to someone else who has dealt with one of the principals as an introduction to the other, but cannot really be useful beyond that.
If the reference does not identify the principals and the deal consummated, then either it does not identify the principals or it does not identify the deal consummated.
If the reference does not identify the principals in the deal, then it can be duplicated at will by anyone who creates a few Nyms and puts them through the paces of a few pretended deals, and is therefore meaningless.
If the reference does not identify the deal consummated, then it becomes impossible to make judgements based upon it. -- a cocaine dealer with a million-dollar shipment is hardly going to accept a "reference" which might be based on the purchase or sale of a pocketknife. Such references are also meaningless.
Bear
- Igor.
At 2:09 PM -0500 on 10/28/00, Igor Chudov wrote:
Most of these problems are solved by the use of bonds posted by parties.
That's what I get for answering before reading the rest of the traffic. Yeah, what he said. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
At 11:03 AM -0700 on 10/28/00, Ray Dillinger wrote:
Clearly, there is no such recourse when dealing with a Nym.
Unless, of course, you're selling bits on the wire (bearer-held asset titles, information, software, wetware) for bits on the wire (bearer cash). ...and, of course, in a geodesic economy, where the plans to make something are worth more than the materials to make it, bits on the wire are the only things that really matters, right? Hint: Financial assets constitute the majority of all asset classes, and, of course, financial assets are already "dematerialized", albeit only in book-entry form. Remember, it's only *book-entry* transactions that require your, as Vinge would say, true name, your biometric identity, physical coordinates, whatever. As Doug Barnes has noted, "...and then you go to jail" a bad terminating step for an internet transaction protocol. Bearer transactions execute, clear and settle instantaneously. Thus, jail is not the error-handler. Finally, in a bearer protocol, you trust the reputation of the issuer of a given financial instrument, not the people you're doing business with. With the "jail" bit out of the way there's only the veracity of the information good/service, or asset, at issue, and, with lots of crypto stuff like zero knowlege proofs, anonymous escrow agents, and so on, that's fairly testable in realtime. It's going to get pretty wierd pretty soon, I think. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
-- At 10:38 PM 10/27/2000 -0400, R. A. Hettinga wrote:
So, to put it another way, when privacy is *cheaper*, on a risk adjusted basis, than we'll have privacy, and not much until then.
Transactions on the internet need reputational enforcement. Most of us cannot afford the cost and effort required to generate a widely known reputation. So we rent the reputation of a widely known entity, usually Visa or Paypal. If that entity is implementing chargebacks, implementing a dispute arbitration service, as Visa has long done, and Paypal now does, then it must know us, and know everything about us. That entity, being large, is vulnerable to the state, and so what it knows, the state knows. Anonymous transactions must be transactions that do not require, and are not charged for, an arbitration service applying chargebacks. Such a service is inherently cheaper than the true name based service provided by Paypal and Visa. Internet shopping and internet auctions such as Ebay tend to require an arbitration service and chargebacks. However many regular Ebay sellers have established a good name, and could successfully operate, and would prefer to operate, with a system that does not provide for chargebacks. Similarly micropayments do not need a facility for arbitration and chargebacks, and could not afford the cost of such a facility. Any entity that facilitates transactions tends to be the deep pockets party that gets dragged into every quarrel, and thus is forced to implement a chargeback and arbitration policy regardless of whether it or its customers want such a service, regardless of whether they desire to pay for such a service. An entity that provides truly anonymous transactions has the great strength that its no chargebacks policy is credible, that it cannot be dragged into the arbitration business against its desires and the desires of its customers. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG OLA7vdEb/UfbsQMrSWYy8AHmV/2UITEt32g9J6IG 486m1oVWEs2lm3apL5uK4JYB2UFyZDKJmZrDM0+8f
At 4:37 PM -0400 10/26/00, R. A. Hettinga wrote:
At 11:59 AM -0700 on 10/26/00, Ray Dillinger wrote:
Here is what I envision, at a cost of something like $10/month.
Go find the original archived web page for c2.net?
When privacy costs more than no privacy, we have no privacy.
Sad, but true.
Oh?
"When curtains over windows cost more than no curtains over windows, we have no curtains."
"When locks on doors cost more than no locks on doors, we have no locks on doors."
Locks on doors are (in most areas) much cheaper than replacing the contents of ones home. It is quite possible that Sameer was just a little early with C2.net, between higher overhead and a smaller/less mature (in terms of experience) market it might be possible that a small business could be started today that could be self sustaining. -- A quote from Petro's Archives: ********************************************** "We forbid any course that says we restrict free speech." --Dr. Kathleen Dixon, Director of Women s Studies, Bowling Green State University
On Fri, 27 Oct 2000, Tim May wrote:
For another, most people have not themelves experience a security problem. While they understand how neighborhood thieves can break in and steal their stuff, they have no similar experience for their computer data. Unless and until this changes, they just won't care very much.
Of course, a substantial part of real privacy problems never manifest themselves as such. The bits leak and do their damage (Men with Guns mysteriously knowing precisely on whose door to knock, companies suddenly not having a job opening after all, competitors making highly informed decisions etc.) without people even realising what hit them. It's no wonder few people ever come to think of privacy, expect perhaps with financial transactions. Given the widespread habit of spreading VISA numbers around, even that isn't a given. Sampo Syreeni <decoy@iki.fi>, aka decoy, student/math/Helsinki university
I like the idea, however it could be a management nightmare. How would you meter the http vs https traffic? How would you meter the pgp email vs the non pgp email? Many pgp emails (including mine) have some non encrypted stuff in it (such as the sentance 'PGP message follows' or whatever. Good Luck! Mark
You might want to check out what Lance is doing with his dialup accounts. Anyone can pay him a few dollars a month (cash, money order is fine) and get an anonymous account. That account can be configured to reject unencrypted email (procmail) or use HTTPS only, or whatnot. I think this solution already exists. anonymizer.com. -Declan On Thu, Oct 26, 2000 at 11:59:51AM -0700, Ray Dillinger wrote:
Would there be a market for someone to create an encrypted-services provider? Would people do this?
Here is what I envision, at a cost of something like $10/month.
Email accounts that bounce anything not encrypted - either silently or with a message that says "this account accepts only encrypted mail." at the option of the account holder. These accounts are restricted in some way that makes them unattractive to spammers - probably they are able to send no more than 3 or 4 unencrypted emails a day, maybe they are unable to send *any* unencrypted email.
Web Hosting strictly via HTTPS. Standard accounts get four or eight kilobytes accessible by http (enough for a redirect), and 100 Megabytes or so of web space accessible by HTTPS.
Anonymous accounts. You send a message with a long random key and a few dozen choices for your login name, and a password to use (send via a remailer or whatever) and the provider publishes a webpage with listings mapping keys to login names to tell you what login name you've gotten. The provider holds the name for a couple of weeks. If during that time the provider recieves payment for an account by that name with a that password (say, by cash or bullion via mail or courier, or any of various ecash systems) then the provider creates an account with login, that balance and that password.
The provider also publishes a page of login names in use, so you can check to try to avoid collisions.
To renew your account, your payment must be sent with your login name and the original payment key.
If it can be done legally, the service provider would get a debit card for each account paid more than $200 in advance, and give the card number to the account holder. Then, whatever amount had been prepaid would be available for web purchases, etc. for web merchants with POS stuff. This is a sticking point, and could cause a lot of trouble if any missteps are made. In the worst case, 30% of this money would have to be paid to the IRS - to avoid charges of abetting tax evasion while maintaining client anonymity. (technically, this ought to make the money paid for the service tax deductible, but you could only claim it by revealing your True Name along with proof that you'd paid it -- so clients interested in real anonymity would have to bite the bullet and pay taxes on that money twice).
Nice anonymizing web proxy with whatever filters you like, returning whatever CGI information you want it to return. Cookie functioning is selectable by host (so you can, eg, deal with your bank via the proxy if you want). Web proxy is available only via https -- ie, the link between the proxy and the user is *required* to be encrypted.
Anonymous encrypted FTP. Two kinds -- one is FTP over SSL, the other is FTP where the file being downloaded is encrypted to start with. There are applications for both. Paying clients could put up a download directory; joe random could download stuff from it. No unencrypted FTP would be available.
NNTP over SSL. Not that what's in usenet news is secret, but there's no point in having your reading habits monitored.
The basic idea is, there's no point in having *any* unencrypted traffic on a server if you can help it. It ought to be the case that even if a 'carnivore' is installed, there is no unencrypted traffic for it to sniff.
I think this is, just barely, feasible. What say you all?
Bear
Ray Dillinger wrote:
Would there be a market for someone to create an encrypted-services provider? Would people do this?
I have something like this in the making. if you're working on a similiar project - why not team up?
Here is what I envision, at a cost of something like $10/month.
Email accounts that bounce anything not encrypted - either silently or with a message that says "this account accepts only encrypted mail." at the option of the account holder. These accounts are restricted in some way that makes them unattractive to spammers - probably they are able to send no more than 3 or 4 unencrypted emails a day, maybe they are unable to send *any* unencrypted email.
in addition, access to the email account is via encrypted means only: either forwarding through S/MIME or SSL channels or IMAP with SSL. plus a local mixmaster for sending out mail (in the process mixing it without mail that's merely travelling through). an optional (2nd) e-mail address can accept unencrypted mail, but before forwarding will encrypt it (PGP). goal: your home machine never gets an unencrypted e-mail.
Web Hosting strictly via HTTPS. Standard accounts get four or eight kilobytes accessible by http (enough for a redirect), and 100 Megabytes or so of web space accessible by HTTPS.
not planned here. I'm on the e-mail aspect only. data you need to provide is minimal - a username/pwd and/or a forwarding e-mail. we don't want to know what we have no technical need to know. all payment can be done anonymously - that's an important point and possibly the most difficult one.
I think this is, just barely, feasible. What say you all?
all of this is doable. as I said: I'm working on encrypted e-mail services at the moment (I bounced a couple stego ideas off this list recently).
participants (10)
-
Declan McCullagh -
ichudov@Algebra.Com -
James A. Donald -
Mark Allyn -
petro -
R. A. Hettinga -
Ray Dillinger -
Sampo A Syreeni -
Tim May -
Tom Vogt