[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Magic Money Complaints



Pr0duct Cypher writes:
> I'd rather have people playing with it and complaining about it, than
> ignoring it. I'd about given up hope that anyone would do anything with
> the program. Someone please set up an emailable server!

Mail to [email protected], subject "Bank" will be processed by a Magic Money
server.  He calls his coins "Tacky Money".  Here is his bank's public key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3a

mQA/Ai1uZlUAAAEBgL95EmR/sdhCT3HQF3imtMvUjg9D4oZTgT2JMMRol1qv13h5
i2DUUUL9DKW76VcLKwARAQABtCFNYWdpYyBNb25leSBUZXN0IDxtcGRAbmV0Y29t
LmNvbT4=
=JDa0
-----END PGP PUBLIC KEY BLOCK-----

To make things interesting, here is a $10 Tacky Token.  The first
person to turn it in gets it!  (This is just ascii-encoded; you will
have to first use PGP to unencode it then give it to your Magic Money
client.)

-----BEGIN PGP MESSAGE-----
Version: 2.3
 
rHNiJU1hY2ludG9zaCBIRC9EZXNrdG9wIEZvbGRlci9jb2lucy5kYXQAAAAAwJH2
7q4+nSRosFWmppnv12cAEQEADwGAivX32iM05KNdEdcyFiOnKhWCNrZmG/4ZD6xj
1G3VmWhNOpABQWKVTlG1XIzClfxL
=qUK5
-----END PGP MESSAGE-----


And as a "token" of my appreciation here's a little gratuity for Pr0duct
Cypher:

-----BEGIN PGP MESSAGE-----
Version: 2.3
 
hIwCwagUhZdVih0BBACbdgHXUsPpV4q6aRohbDgaEiU6oZqh70ASvuraMYi9ErAp
QimzBkNJjiKFB12rBoaOi72CJp4emJO9D+iZXgkdC/5QSQBys0iTkbGIMnd/3Pg0
KqCmHC4lXHcXrJo8lp90xbPvh+fm/F84yiVFz+QKyv+1eIW5i+tgVieKxYDv1aYA
AACG+2ZhjCu3gSuxuHE9JOfeW/OhfcaqY8pEMjg0/i5/Zco3g7T4d1zvtKrRTwXa
fBvQzcl4O4bdOOaS6Pz168a2NkmUbO4sJe9hb6ca1ZaSx3gSR7CovaqcZ+j7fHZv
TmZcsbvfQTEMVsBTFHjVziWSYKShqyadVYR3jnS7gQin+YXJ5hYNKv8=
=mN42
-----END PGP MESSAGE-----


Here are some more constructive suggestions for how some of the issues I
raised might be addressed.

 - Mark Magic Money messages differently from ordinary PGP messages.
   (-----BEGIN MAGIC MONEY MESSAGE-----)  Alternatively, allow MM msgs
   to be decrypted by PGP to produce binary files which can be passed
   to the MM client.

 - Make the client handle bank and user messages both as either binary or
   ascii files.  Use internal type flags rather than ascii vs binary to
   distinguish them.

 - Allow the client to search the PGP public and private key rings for
   decryption and encryption keys.

 - Allow the user to specify a user id to encrypt for when he extracts coins
   for payment, search the PGP public key ring and encrypt for that user.

 - Check for the existence of an output file and warn the user if it already
   exists.  Allow the name of an output file to be specified on the command
   line.

 - Save a copy of all output files in a logging subdirectory.  Then if an
   email message is never received the user can go back and send it again.
   The file dates and perhaps file names can be used to help the user deter-
   mine which log file is the copy of the lost one.

 - Include the bank's key and email address with each coin file.  Allow
   users to combine the initialization and coin-receiving steps (already
   these appear to be very closely related in the software).  This way a
   user who receives MM coins for a new bank which he has never used
   before can begin using it in one step.

These don't really imply re-implementing PGP.  MM already encrypts and
decrypts PGP-type messages for the bank.  Adding the keyring searches is
the main part of extending that capability to user-to-user communication.
It also gains the benefit of encrypting the user's secret key.

I don't mean to be asking Pr0duct Cypher to do all of these things.  If
people can agree on the usability issues, maybe other members of the
community can join in and make some of these changes.  Now that Pr0duct has
done the hard work a lot of this is little tweaks which aren't that tough.
That's what happened with PGP.

BTW, I was astonished by how easily the program built for the Mac.  I did
#define MSDOS, #define BIGENDIAN, as well as the compatibility flags.  Then
there were a few of the typical header files incompatibilities.  Practically
once it linked it worked.  Very nice.

Hal