--- begin forwarded text Date: Mon, 5 Mar 2007 11:34:34 -0500 To: "Philodox Clips List" <clips@philodox.com> From: "R.A. Hettinga" <rah@shipwright.com> Subject: [Clips] GeoCap: I Still Say "Digital Bearer Certificate" Reply-To: clips-chat@philodox.com Sender: clips-bounces@philodox.com Geodesic Capital Robert Hettinga I Still Say "Digital Bearer Certificate" March 5, 2007 Boston, Massachusetts At 8:32 AM +0400 3/5/07, Somebody wrote:

What's a good name for something which has all the properties of blinded tokens, but is not called ecash?

No euphemism required. Call it what it is: a digital bearer certificate. No. Seriously. It's not dead yet, Jim, it's still twitching... :-). "Bearer certificate" is a financial operations term of art. The observation that Chaumian blind signature cryptographic transaction protocols control and hold assets in bearer form is not mine, by the way, it's Nick Szabo's, and all the E-language/capability-programming folks use "bearer" in that context, and for that reason. And all the financial operations/regulatory/economist people I have explained this to also use it, because, once explained to them, it's self evident. :-). More important, it's such a financial term of art, such a semantic shot-cut to the financial medulla oblongata, that when you say "digital bearer certificate" to a finance person -- especially a financial operations person for the first time, they do a double-take, say, "really???". And then they get this great big grin. Even now, after 9/11, they still do. Especially these days, since we're seeing the collapse of identity's usefulness to prevent fraud, or create security, especially as closer transaction settlement and clearing times trend toward instantaneity, and identity theft becomes more prevalent -- and the proffer of identity credentials everywhere becomes more security theater than security itself. Okay, so some financial operations people I talk to get very angry, for any of a number of reasons, including the partially-aforementioned demonization of bearer transactions because of the perceived forensic value of book-entry settlement in other areas of law-enforcement, but also because some of them think they see the obsolescence of everything they've learned about financial operations itself. Which, ultimately, isn't really the case. Like energy in physics, finance, especially financial operations, is always conserved. So maybe we should all stand inside the nomenclature tent, pointing out, as it were, and use "digital bearer certificate"? Or digital bearer protocol. Or digital bearer transaction, as the case warrants. When I started IBUC, I began to use "internet bearer" and so on, as a subset of the above, because, as a business definition, if it didn't run on TCP/IP we didn't want to play there. (Hence the company name "Internet Bearer Underwriting Corporation". :-)) And, of course, TCP/IP is trending toward ubiquity, even now. Finally, while we're defining things, it's the *asset* which is in bearer form, something which is impossible to do in the book-entry world. Some people, particularly cryptographers who are otherwise afraid of blind-signatures for whatever reason, political or otherwise, say that digital bearer protocols are "not bearer", because offline transactions permit double spending, or only prove double spending after the fact, that certificates have to be redeemed/reissued on-line to categorically prevent double-spending, and they're wrong. Or at least they frame the issue the wrong way and miss the point. It's not the offline/online characteristics of the certificates themselves, the cryptographic glops that move around the net like coins or notes without the normal use of transaction databases that are the issue. It's the *anonymity* of the protocol that makes the asset controlled by a digital bearer financial cryptography protocol a, um, bearer asset -- though saying "bearer asset" too fast makes for humorous pseudo-malapropism. :-). Okay, if you're afraid, these days, of the word "anonymity", try identity-orthogonality, or something equally multisyllabic. The point is, you don't *need* identity to execute, settle and clear the transaction, like we do with the book-entry transaction settlement status quo -- which is why you can't have an anonymous book-entry transaction, even in Switzerland. Or Liechtenstein. Or Luxembourg. Or Vanuatu. Or, apparently lately, Singapore. And, obviously, any decent network traffic analyst worth his salt is going to see which IP address talks to whom on the net, so "anonymity" is a rather loose concept, from a security standpoint, at the very least. A literal definition of *a*-nonymity, if you will. Kind of like *a*-moral versus *im*-moral, is where I'm going with this, anyway, in the same sense that a car is a-moral, and cannot be im-moral or moral, for that matter. It's also why I think that ultimately digital bearer transactions will be cheaper than book-entry transactions in the long run: the price of identity, in the raw transaction cost of increased security itself, is too high, particularly as transaction cycle-time falls toward zero. Cheers, RAH Who was down for most of four days and had to rebuild his server from scratch this weekend due to a purely software-semantic issue and the inability to have the right hardware on line to recover with. Backup is your friend. :-). On the other hand, I have a terabyte external drive now, which is cool, not to mention pretty cheap, bringing shipwright/philodox/ibuc et al. up to 2TB in all, as I seem to have been acquiring hard drives in a byte-wise semi-log series. As Mr. Mhyrvold once observed, software is, indeed, a gas. -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips@philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'