private credential/ecash thread on slashdot (Re: announce: credlib library with brands and chaum credentials)

[coderman]

On 2/20/07, Adam Back <adam at cypherspace.org> wrote:
> ...
> http://yro.slashdot.org/yro/07/02/20/2158240.shtml
>
> Maybe some list readers would like to inject some crypto knowledge
> into the discussion.

there are some good replies, just need more moderation from the clue-full :)


> There is quite some underinformed speculation as critique on the
> thread...  Its interesting to see people who probably understand SSL,
> SMIME and stuff at least at a power user if not programmer level, try
> to make logical leaps about what must be wrong or limited about
> unlinkable credential schemes.  Shows the challenges faced in
> deploying this stuff.  Cant deploy what people dont understand!

indeed.  there was one insightful response to the unlinkability
aspect, and that is the inevitable venality of the credential
authorities.  perhaps i'm just overly cynical, but without a
trustworthy and secure CA the privacy assurances provided by such
credentials are fairly limited.  (and as detailed elsewhere, for most
uses the CA's won't issue to anonymous entities)

still, much better than what we've got now...

p.s. the lending protection aspect of credentials is dark comedy.
encode something into a credential that alice would never want to
share, credit card #, bank access details, etc.  lol