[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ecash protocol: Part 1
-----BEGIN PGP SIGNED MESSAGE-----
Hello Ian Goldberg <[email protected]>
and [email protected]
...
> Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
> I have a binary, which I can't even run...).
...
Sounds like good work!
...
> I guess the important bit is that the payee, the item being bought,
> and the cost are sent _in the clear_. Some of the people I've talked
> to think this is a huge privacy breach, and some don't. You all can
...
Yeah, it probably is. Then again you can probably use a dummy
description, no?
However, that doesn't get around the fact that anyone intercepting
the packet who knows where it came from will immediately see straight
through payer anonymity.
...
> - Ian "Why exactly isn't DigiCash releasing the protocol? What about
> the source?"
...
A Source Close To Digicash That Did Not Wish To Be Quoted
once described them as 'crown jewels' (competitive advantage).
ASCTDTDNWTBQ then appealed to Digicash's track record.
I certainly hope that this genuinely is not Digicash's official opinion.
Thank you for once again showing the futility of security by obscurity.
Jiri
- --
If you want an answer, please mail to <[email protected]>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAwUBMLbIjixV6mvvBgf5AQFKiwP/fJKIZnRM4HQzkdzYNTTDPP/CZNGlLWQI
UnA4la2134SoBde/hPsSiniuWBlESU8rpbA3IX+mygh50x/4CSb86VClvgIF8xKp
XFRwXljxer2dqKV3troMYFQfYWrUoj6NXTJIRQWwBJ6ilHcXE1OWtHWGPgAB9/Gv
79z3R4njwmw=
=OPp0
-----END PGP SIGNATURE-----