[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Data Bank

To: [email protected] (Eric Hughes), [email protected]
Subject: Re: Data Bank
From: [email protected] (Norman Hardy)
Date: Sun, 29 Jan 1995 10:21:59 -0800
Sender: [email protected]

My second posting crossed in the mail with Eric's notes.

At 9:09 AM 1/29/95, Eric Hughes wrote:
>   From: [email protected] (Norman Hardy)
....
>
>   The hat check is signed blindly by the bank and is a
>   bearer instrument.
>
>There's no need to have it signed blind.  A blind signature is useful
>when two parties have some persistent relationship with the
>intermediary; when they don't have identity, there's no need for
>blinding.
....
> We therefore conclude that there's no need for a blind
>signature here at all.

Yes, I was confused.  [email protected] had yet other valid objections.
....
>   Cancel a hat check: A holder of a hat check may sell it back to the bank at
>   a negotiated price thus releasing the bank from the threat of paying a
>   penalty in the future.
>
>This cancellation can't be done well.  Remember that the parties are
>remaining anonymous to the data bank.  In order to release the data
>bank of an obligation, some party would have to make some signed
>statement releasing the data bank from the obligation.  But making a
>signature reveals identity, perforce.

I have a novel sense of cancelation in mind. The check is canceled by the
mere fact that the bank knows the Secret that produced the SH(Secret) in
the check. The bank need not acquire or maintain a signed check revocation.
This is sort of like Chaum's spent bills. This requires the client to trust
the bank during the penalty transaction or to require escrow service. I
have modified the original to describe this better.

>
>Furthermore the retrieval note is a bearer instrument, but it's a
>_digital_ bearer instrument, which means you can't simply give the
>note back to the data bank.  There's no piece of paper to return.
>Once the note is out there, it's out there forever.  There can be lots
>and lots of bearers.  Which one of them gets to release the data bank
>of its obligation?
....
Any bearer. Just as any bearer of a Chaum bill can spend it. Only he who
spends it first, can spend it. Disseminate your hat checks carefully. That
is another reason that Getty, in the example, holds the hat check
carefully.
....
>   The hat check may specify expiration dates, cancellation terms etc.
>
>The retrieval note very well should specify an expiration date, since
>otherwise the data bank has specified an obligation in perpetuity.  A
>perpetual obligation is much less stable than a fixed-time one.  The
>value to the data bank of disappearance grows larger as the cost of
>storing the data increases.  No new external revenue is coming in (by
>definition -- otherwise you've got a renewable agreement, which is
>different) and all you've got is costs.  So there becomes little
>reason not to simply abscond with the assets and deny any outstanding
>obligations.
>
>A customer, therefore, would be wise not to deal with a data bank
>which signed perpetual obligations.  If a customer wants indefinitely
>long storage, the best way to do this is with a set of interlocking
>obligations with mutually ignorant parties.
....
Good points. I anticipate more complex broker services here.

I like the idea of a penalty for delay in retrieving the data aside from
penalty for loosing the data. This may be strategic in the bank's arranging
for the storage and retrieval from other sites and banks.

Thanks. I will try to produce an emmended version thru ftp soon.

Prev by Date: Re: Protocols for a Data Bank
Next by Date: Re: NNTP archives and internet credit bureau...
Prev by thread: Always after me lucky primes...
Next by thread: CERN Web Proxy
Index(es):
- Date
- Thread