Re: Crypto Winter (Re: Looking back ten years: Another Cypherpunks failure)

2002-01-28 Thread lynn . wheeler


the straight-forward mapping of credit card payment to the internet used
MOTO business process (mail order/telephone order, aka existing
non-face-to-face operation) to handle poorly authenticated transactions.
http://www.garlic.com/~lynn/aadsm5.htm#asrn2
http://www.garlic.com/~lynn/aadsm5.htm#asrn3


the financial industries standard work on that was basically to provide
authenticated transaction using digital signatures to all electronic
payment transactions  with the requirement given the standards group
to preserve the integrity of the financial infrastructure ... aka the
x9.59 work applies to credit transactions, debit transactions, ach
transactions, gift card transactions, etc. and applicable to all
environments (internet, non-internet, point-of-sale, etc)

An x9.59 issue is that it removes the requirement for name associated with
the transaction. This meets an EU requirement that at the point-of-sale, an
electronic transaction should be as anonymous as cash.

The claim then is the x9.59 work is privacy neutral  aka identification
is removed from the transaction. To the extent there is any identification
involved  it is in mapping individuals to accounts. Gift cards don't
have mapping of individuals to accounts ... and x9.59 would neither
increase nor decrease the anonymity of gift cards. Gift cards are
typically processed with the same point-of-sale terminal as existing
debit/credit cards and at least initially typically flow thru the same
network. That means that the current webserver based use of credit cards
flows into the same network that debit and gift cards flow into. The
issue isn't the mechanics of enabling debit and gift cards for internet
webserver use  the issue is providing authentication in an open 
insecure network (the internet) compared to closed/secure network that the
point-of-sale terminals directly connect into. X9.59 is defined to provide
such authentication in a secure manner across all payment transactions.

With respect to credit and/or debit accounts, again X9.59 neither increases
nor decreases the anonymity of those accounts; to the degree that
particular institutions allow anonymity associated with such accounts ...
x9.59 then is privacy neutral in the protocol.

so the issue here is that the bits and pieces of privacy-enhanced payment
transactions already exists and has for some time. a new one doesn't really
need to be invented; the basic issue is really the technology needed to
transition some of these existing privacy-enhanced payment transactions
from closed network to an open network environment.

misc. refs:
http://www.garlic.com/~lynn/index.html#x959
http://www.garlic.com/~lynn/subtopic.html#privacy




[EMAIL PROTECTED] on 1/27/2002 12:08 pm forwarded:



On Saturday, January 26, 2002, at 09:55  PM, Dr. Evil wrote:

> We know that some kind of privacy-enhanced payment system has been one
> of the long-time c'punk goals, probably for at least ten years.  We
> know that we are probably further away from having that be a reality
> than we were ten years ago.  This is excusable; the obstacles are
> enormous.  You need a lot of people to use it before it's useful, and
> there are all kinds of regulatory problems.  And there are a whole
> list of other problems, too.






-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]



Crypto Winter (Re: Looking back ten years: Another Cypherpunks failure)

2002-01-27 Thread R. A. Hettinga


--- begin forwarded text


Status:  U
Date: Sun, 27 Jan 2002 10:30:20 -0800
Subject: Crypto Winter (Re: Looking back ten years: Another Cypherpunks
  failure)
From: Tim May [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]

Some thoughtful ideas on the current situation (what I have called the
Crypto Winter). A few comments:

On Saturday, January 26, 2002, at 09:55  PM, Dr. Evil wrote:

> We know that some kind of privacy-enhanced payment system has been one
> of the long-time c'punk goals, probably for at least ten years.  We
> know that we are probably further away from having that be a reality
> than we were ten years ago.  This is excusable; the obstacles are
> enormous.  You need a lot of people to use it before it's useful, and
> there are all kinds of regulatory problems.  And there are a whole
> list of other problems, too.

I somewhat disagree. The obstacles to widespread acceptance (of
_anything_) are enormous, but the obstacles to experimental deployment
for specialized uses (Napster-like trading, porn, remailer use) are not
great at all. Pr0duct Cypher and others got Magic Money/Tacky
Tokens/etc. out in what was probably a period of a few months' worth of
effort. (PC may have been working for years on it, but this seems
likely. Digital cash was the topic and MM/TT appeared during the
discussion...circa 1993, IIRC.)

"First we change the world" is not a good business model. New
technologies and methods often spring out of unforeseen needs and
technologies. An interesting Harvard Business School type of study would
contrast the long and slow growth of Diner's Club and Carte Blanche
versus the effective complete replacement by BankAmericard (later Visa)
and MasterCard beginning in the late 1960s. Way too many folks in the
crypto/digital cash community are aiming for penetration similar to Visa
and Mastercard. It may happen, but not with a) experimental technologies
and protocols, b) by planning by a bunch of small companies. A
full-scale launch by a very large and well-funded company _might_
work, but probably not. (There's that nagging "How do we convince Joe
Sixpack to learn to manage keys and to use untraceable forms of digital
cash?" A facet of "First we change the world." Bah.)

I agree that facing regulatory obstacles head on is a lose, lose, lose.
Ain't gonna happen. Even the well-funded launch above would never get
approval for truly untraceable forms of digital cash. All of the
recent trends toward fighting terrorism, war on drugs, currency
control, etc. tell us the regulators will never accept untraceable
digital cash (even though physical cash is grandfathered in...they will
outlaw it when they think they can get away with it).

This is presumably why Chaum watered-down his earlier digicash scheme to
make it only one-way untraceable/unlinkable.


> One of the other c'punk goals was encryption all over the place.
> Seems reasonable, right?  This Internet thing was just starting to
> take off.  Free open-source OSes like Linux were coming out.
> Encryption everywhere was well within reach.

My guess is that PGP went off the track when it tried to get PGP
integrated into various platforms and applications. Things were a lot
easier when PGP simply took a text file and did things to it. The
processed text file could be from a text editor or the clipboard (on
various platforms) and could then be pasted into or cut out of a mail
app, a word processor, etc. A few extra steps, but the orthogonality
principle was upheld: PGP was just another modification of text, a form
of writing. What the user _did_ with the text was up to him and was not
of any concern to PGP qua PGP.

Alas, the battles to integrate PGP with Pine (or with Eudora, or
Outlook, or Outlook Express, or Entourage, or ) and all the crap
about checking signatures (which is almost never needed for most of
us, for reasons discussed many times), and the general bloat of
providing hooks to various OSes, various mailers, various browsers...it
all resulted in the predictable.

(What did those 200+ staffers at NAI's PGP division actually _do_? Some
have told me that this 200+ figure referred to the entire crypto tools
division. Maybe. But PGP lost a lot when it went corporate and lost its
simple focus. More on GPG in a moment...)

Here's my own personal situation. Now I don't make a claim to being a
software guy (I'll avoid the hateful term "geek"). I like software, I
use it, I read about languages and OSes, I like Smalltalk and
Lisp/Scheme and suchlike, I have a project brewing on actors/agents and
money/instruments, I follow E and capabilities, and so on. But I don't
run a Unix box (well, OS X is now a full-fledged Unix box, being based
on FreeBSD, OpenBSD, Mach, NeXTStep, etc.).

But some years ago PGP just became too difficult to use regularly. I
would install 2.0, 2.1,...5.5, 6.1, whatever, and would even buy the
PGP for Personal Privacy CD-ROM ($40). Then something would break, and
PGP plug-ins would no longer work