[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ecash protocol: Part 1
-----BEGIN PGP SIGNED MESSAGE-----
Hello Ian Goldberg <[email protected]>
and [email protected]
> Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
> I have a binary, which I can't even run...).
Sounds like good work!
> I guess the important bit is that the payee, the item being bought,
> and the cost are sent _in the clear_. Some of the people I've talked
> to think this is a huge privacy breach, and some don't. You all can
Yeah, it probably is. Then again you can probably use a dummy
However, that doesn't get around the fact that anyone intercepting
the packet who knows where it came from will immediately see straight
through payer anonymity.
> - Ian "Why exactly isn't DigiCash releasing the protocol? What about
> the source?"
A Source Close To Digicash That Did Not Wish To Be Quoted
once described them as 'crown jewels' (competitive advantage).
ASCTDTDNWTBQ then appealed to Digicash's track record.
I certainly hope that this genuinely is not Digicash's official opinion.
Thank you for once again showing the futility of security by obscurity.
If you want an answer, please mail to <[email protected]>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----