patent free(?) anonymous credential system pre-print

Nomen Nescio nobody at
Tue Nov 5 14:30:06 PST 2002

Stefan Brands writes regarding

> The paper shows some promise but, apart from being insecure, has other
> drawbacks that should be addressed:
> ... My work... introduced by myself... my MIT press book...
> In addition to various other drawbacks pointed out by of Dr. Adam Back
> (see at,
> the proposal does not  offer a wallet-with-observer mode, discarding
> protection, anonymous recertification /  updating, multi-application
> certificates, etcetera.

And balanced against all these numerous shortcomings, there is one
inescapable, overwhelming fact:


With all of your patents, and your writings, and your self-promotion,
how many people are using your certificates in the real world?  Think how
much you could have accomplished, how much of a difference you could have
made, if you had been willing to sacrifice the hope of great riches.
Instead you have followed in the footsteps of your mentor Chaum, and
both of you have withheld your talent from the world.

What is it about cash and credential systems that everyone who works
in the area thinks they should patent their results?  All you have
accomplished is to make sure that no implementations exist!  What good
are your great ideas if no one can use them?

Look at Chaum!  Is that where you want to be in 20 years?  Bitter and
barren?  Cut off from the cryptographic community?  Reduced to publishing
via the government patent office?

That's no life for a great mind.  Creativity demands interaction with
an active and vital intellectual community.  You have to give in order
to take.  Building walls around your intellectual property shuts others
out even as you shut yourself in.

If you really want to accomplish something meaningful, rather than
continuing to hype and shill for a system which no one can use without
entering into delicate financial negotiations, why not make it available
on some basis for people to experiment with?  Maybe a non-commercial,
open-source GPL implementation could be a starting point.  There is
considerable interest in reputation systems among the P2P community
and credentials could be a part of that.  You can still protect your
commercial interests while letting people get familiar with the technology
by making a non-commercial library available.

That's just one possibility.  The point is, your ideas are going nowhere
using your present strategy.  Either this technology won't be used at
all, or inferior but unrestricted implementations will be explored,
as in the recent work.  If you want things to happen differently, you
must change your strategy.

More information about the cypherpunks-legacy mailing list