McMeikan, Andrew ([EMAIL PROTECTED]) wrote:
> with technocash/digicash/digigold there is no problems the value can be
> encrypted and sent with the spenders id unrevealed,
Yes, but how do you prevent a "replay attack"? Either by the person who
was supposed to receive the payment (what stops them from deducting a
larger amount than they're supposed to by simply using your signed
payment multiple times); or by an eavesdropper who intercepts the signed
payment?
(I'm not saying it can't be done; just playing devil's advocate. If
you implement a system that involves real money, you'd better be *damned*
sure you've got all these details taken care of!)
> for easier currencies
> like e-gold/paypal you need a third party that changes these to a more
> anonymous payment (any one who likes that idea pleas feel free to join up at
> http://www.egroups.com/group/goldenagents ) ; several already exist
This is a slightly more serious issue. Do you trust this third party not
to reveal your identity? How stable is this third party, financially --
will they go bankrupt next year?
--
Greg Wooledge | "Truth belongs to everybody."
[EMAIL PROTECTED] | - The Red Hot Chili Peppers
http://wooledge.org/~greg/ |
PGP signature
