[17831] in cryptography@c2.net mail archive
Re: the limits of crypto and authentication
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Tue Jul 12 15:35:27 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: Ben Laurie <ben@algroup.co.uk>
Cc: Florian Weimer <fw@deneb.enyo.de>,
"Steven M. Bellovin" <smb@cs.columbia.edu>, cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Jul 2005 15:03:57 -0400
In-Reply-To: <42D40574.1050602@algroup.co.uk> (Ben Laurie's message of "Tue,
12 Jul 2005 19:01:24 +0100")
Ben Laurie <ben@algroup.co.uk> writes:
> Perry E. Metzger wrote:
>> Anonymity is a concern to me, too, but I suspect that it is hard to
>> get anonymity in a credit card transaction using current means, even
>> if the merchant isn't online. Pseudonymity, perhaps.
>
> Can we not aim higher than merely doing as badly as current systems do?
I think that by eliminating the need for a merchant to learn
information about your identity I have aimed higher. Given that we're
talking about credit instruments, however, it may be difficult to
eliminate the need for the issuer to track transactions. However,
given the way I've described the protocol, it would be possible to use
a variant on it for digital cash purses without the merchant being
impacted. It isn't clear to me, though, who would issue such things in
the current environment.
Perry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
