ecash protocol: Part 1

[Jiri Baum]

-----BEGIN PGP SIGNED MESSAGE-----

Hello Ian Goldberg <iang at cory.EECS.Berkeley.EDU>
  and cypherpunks at toad.com

...
> Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
> I have a binary, which I can't even run...).  
...

Sounds like good work!

...
> I guess the important bit is that the payee, the item being bought,
> and the cost are sent _in the clear_.  Some of the people I've talked
> to think this is a huge privacy breach, and some don't.  You all can
...

Yeah, it probably is. Then again you can probably use a dummy
description, no?

However, that doesn't get around the fact that anyone intercepting
the packet who knows where it came from will immediately see straight
through payer anonymity.

...
>    - Ian "Why exactly isn't DigiCash releasing the protocol?  What about
> 	    the source?"
...

A Source Close To Digicash That Did Not Wish To Be Quoted
once described them as 'crown jewels' (competitive advantage).

ASCTDTDNWTBQ then appealed to Digicash's track record.

I certainly hope that this genuinely is not Digicash's official opinion.


Thank you for once again showing the futility of security by obscurity.

Jiri
- --
If you want an answer, please mail to <jirib at cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMLbIjixV6mvvBgf5AQFKiwP/fJKIZnRM4HQzkdzYNTTDPP/CZNGlLWQI
UnA4la2134SoBde/hPsSiniuWBlESU8rpbA3IX+mygh50x/4CSb86VClvgIF8xKp
XFRwXljxer2dqKV3troMYFQfYWrUoj6NXTJIRQWwBJ6ilHcXE1OWtHWGPgAB9/Gv
79z3R4njwmw=
=OPp0
-----END PGP SIGNATURE-----