Re: blind validation
> I'm not convinced that your last point is true. It appears that the signed
> Bobnet-access-number is still just a transferrable ticket. Charlie can
> place an order with Bob, forward the Bobnet-access-number to Alice, wait for
> Alice & Trent to do the blinding & signing tango, forward the signed Bobnet-
> access-number to Bob, and get the goods from Bob.
>
> Charlie can't use the signed Bobnet-access-number to prove to Trent
> that he's Alice. In fact, since it's unblinded, Charlie can't even prove
> that he's linked to a particular validation performed by Trent. (If Alice
> foolishly gave him the blinded version too, he could show that he shares
> Alice's knowledge about this validation.)
Yes and no. It is just a ticket, except that there are time
constraints. If Alice doesn't respond in some reasonable time while the
protocol is going on, Bob quits. (I didn't say that explicitly, my
mistake.)
Part of what I was trying to say, but didn't say well, is that Alice can
*always* act as a proxy, i.e., she can always get a file and give it to
someone else. But Sam can't bust Bob if Alice gives the file away.
He'll have to go after Alice.
The whole point of the exercise is to convince Sam that Bob hasn't given
away any files to minors or Europeans or whoever else Sam feels shouldn't
have them.
This puts a whole new spin on the situation, a different sort of attitude
than we usually have when we're talking about crypto protocols. The
entire ecash system has to have integrity. If someone figures out how to
forge or double spend ecash, it doesn't do the bank any good to say, "We
didn't do it, this person with an account did it."
But we can't keep erotica out of the hands of minors, or home grown
crypto out of the hands of Europeans. That means that from a certain
point of view, the system as a whole won't have integrity. But no
system can have integrity, because Alice can always act as a proxy.
The point is to set things up so that:
1. Alice can remain anonymous
2. Bob can keep Sam off his back
3. Sam has to admit that the system, imperfect as it is, is as good
as other systems. (Alice can act as a proxy, but she could do
that at a liquor store or a pornography shop also. If Alice had
to give her ID, she could still give away the file.)
The through the looking glass aspect of this is that from a practical
standpoint, there's no real difference between Alice giving away her
credentials and Alice acting as a proxy. But Sam foists upon us the
necessity of arguing what are almost semantic points. If Bob always gives
the files to people Sam says are ok, then Bob won't go to jail.
It is true that Alice could act as a beard for someone in the transaction,
but in my opinion it's not unreasonable to claim that if she does she's
acting as a proxy. The attacker still has to go to Alice and say, "give
me this file", and Alice still has to agree and interact with Trent in the
moment to make it work. Going back to the liquor store analogy, Alice
can go into the liquor store with a kid, have the kid point to a bottle
on the shelf, go to the register, and then buy it.
But she can't give her ID away to the kid and let the kid go to the liquor
store on his own. Either way the kid gets drunk, but if Alice can't give
away her ID, Bob won't have to worry about losing his license.
Alice, of course, has to watch out for Sam.
> 3. is OK as long as Alice trusts Trent. The trick is selecting a Trent
> trusted by both Alice and Sam ;)
Very true.
>
> -Futplex <[email protected]>
>