published secret - similiar to AP prot
Bill Stewart
bill.stewart at pobox.com
Fri Feb 9 20:09:03 PST 2001
At 04:03 PM 2/9/01 +0100, Tom wrote:
>> If Bob doesn't want legal problems because of Alice,
>> it's safer if he doesn't tell Alice, or at least doesn't
>> do anything different for Alice than he would for any other customer.
>
>that's the problem. so how does alice know if bob doesn't tell?
Some options:
- Bob is running the "We Mirror Everything" site
- "We Mirror Things for Politically Sympathetic People"
- "We Mirror Things Unless we sent you a rejection notice"
- (back when Cypherpunks believed there would be digicash Real Soon)
Alice sent Bob some anonymous digicash to pay for storage
- Alice sent Bob some non-anonymous payment outside your threat model
- Bob is a random user running a Napster-like space-sharing protocol,
and Alice sent mail to Bob1, Bob2, Bob3, etc. hoping one will work
- Bob used a non-direct response method, like posting a receipt
to Bob's web site or some random free web site or Usenet
acknowledging receipt of "Some-Package-ID" which isn't
easily identifiable as being Alice's. Maybe the Package-ID
is a token sent along with the package, or a timestamp,
or maybe your threat model doesn't mind the receipt being
hash(hash(hash(hash(Package)))), which is some hash of the
package-retrieval token.
Thanks!
Bill
Bill Stewart, bill.stewart at pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
More information about the cypherpunks-legacy
mailing list