[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Building crypto archives worldwide to foil US-built BerlinWalls

--- begin forwarded text

To: John Young <[email protected]>
Cc: [email protected], John Gilmore <[email protected]>
Subject: Re: Building crypto archives worldwide to foil US-built Berlin Walls
Date: Tue, 08 Dec 1998 19:36:23 -0500
From: Dan Geer <[email protected]>
Sender: [email protected]

Tradeoff time.


Q: Is it better for the providers of crypto resources to alarm/log
   accesses to their websites or not?

I'd strongly argue not;
  Team Despot will disguise itself and we are surveilled as we speak;
  Team Legion loses if it creates targets for harvesting.


Q: Is coordinated integrity control (code signing) a Good Thing?

I'd weakly argue not;
  The absence of a coordinated signing strategy does not preclude
  verification so avoiding common-mode fraud, e.g., long-running
  denial of service attacks on the central signing agent, seems

Alternative argument;
  Integrity of crypto code can be signed via quorumed split-key
  means so that no single actor fraud is effective yet only the
  minimum quorum need be online at any given time; this has
  the advantage that a completed split-key signature cannot be
  attributed to which quorum subset made it yet is verifiable
  by ordinary client means once complete.  Since intermediate
  (partial signing) results do not leak fragment holder identity,
  quorum members can indirectly communicate through commonly
  held dead-drops.


Q: Should requestors routinely avoid surveilled identification?

I'd argue strongly for:
  We, Team Legion, must commit to a cell organization with
  pseudonymity coverage such as through the "Crowds" system;
  to avoid any one of us being guilty we must all be.


Getting the problem statement right for this
endeavor is the most important thing we have
left to do.  If the above sample is misguided,
say so.  To the extent it is incomplete, fix
it.  If one of us goes off the air, step into
their place.

It is time for us to walk the fine line between
undue paranoia and a heightened state of awareness.


--- end forwarded text

Robert A. Hettinga <mailto: [email protected]>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'