From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Sep 95 09:46:15 PDT
To: <cypherpunks@toad.com>
Subject: "This discussion is off-topic, please take it elsewhere"
Message-ID: <ac71c5aa03021004a06d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:58 AM 9/5/95, Sandy Sandfort wrote:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                          SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
>C'punks,
>
>This is not a crypto post, but those interested in threat models
>and counter-measures might want to read on.

This brings up an important issue. Sorry it is not written in C, or even TCL.

I actually agree with a point the noted tentacle VZNuri ("visionary,"
obviously) wrote, namely, that people are getting entirely too apologetic
(myself included, though most of my "apologies" have had an ironic edge to
them) about posting things that are other than about coding in C, writing
sockets for Windows, or breaking SSL.

Folks, this list is about a _lot more_ than just some facet of writing
software. It started as a wide-ranging list, with many topics, many
interests. I don't think I need to try to list the topics, but they
obviously include things such as legal issues, policy, PGP, remailers,
digital money, money laundering, regulatory arbitrage, data havens,
steganography, languages, frameworks, Unix utilities, and dozens of other
related topics. We've covered hundreds of topics, and are probably the only
such list on the planet that routinely considers the ramifications and ways
of actually building the exciting ideas that the academics at the Crypto
conferences discover and write about.

(I can tell you that one of the main motivations we (Eric and I) had in
starting the group was to take the academic abstractions, things like "bit
commitment" and "dining cryptographers networks" and reify them into actual
blocks of code, or running programs.)

Some have argued that "Cypherpunks write code," which has been a short
slogan making it clear that one of our main interests is in actually
building and deploying these methods. This was a major goal in the spring
of 1992 when Eric (Hughes, for any newcomers) and I spent time hashing out
what is needed in crypto.

As far as I'm concerned, we're on track. Remailers have advanced far beyond
the early remailers, and that they exist at all is an accomplishment. The
"theory" of remailers is immensely accelerated by having actual remailers
in actual use to test theories against and to see real world behaviors.

Likewise, message pools have been built. A working anonymous market
(BlackNet, for example) has been instantiated, albeit not proliferated.
Digital money in various forms (Magic Money, work with Chaum's DigiCash,
etc.) has been used.

Lots of other examples. PGP, hooks to mail programs (though a lot more are
needed), key escrow considerations, etc.

Of course, things have gone more slowly in some areas than in others.
Digital money, and financial instruments in general, have proceeded in fits
and starts. I suspect this indicates that things like money are not done
lightly, and that many non-coding issues are intertwined in such a way as
to make any "amateur" efforts problematic. But it's only through trying
that the obstacles can be seen, so even our failures are useful.

Is this "writing code" in all cases? Of course not. Not everything is
coding. Planning and preparing is just as important. And consideration of
threat models is part and parcel of writing code, else one will not know
where to start writing code. Thus, for example, the hundreds of posts here
on key escrow (and some of us anticipated Clipper six months before it was
announced, allowing the Cypherpunks to hit the ground running as soon as it
was announced) and GAK are useful in countering the arguments of those who
have spent years planning such escrow (GAK) policies.

What I'm getting at is that the "Cypherpunks write code" mantra does not
mean that _only_ the few dozen folks actively writing C code can
contribute. Indeed, many of the folks now writing code have _claimed_ that
they were inspired to write some code in some area--remailers, digital
cash, SSL challenges, whatever--by the discussions here on this list.

Would they have been so inspired if all political, legal, and cultural
discussions had been expunged, if only the arcania of programming and C
were being discussed? After all, sci.crypt already exists, and even
sci.crypt.research, so why should the Cypherpunks list even exist, as these
groups are already ostensibly focussed on pure crypto issues.

No, Cypherpunks is about more than just C programming, about more than just
IETF issues, about more than just algorithms.

I think it great that so much programming discussion occurs, that so much
progress is being made. I just think some list.cops are going a bit
overboard in their denunciations of "off-topic" posts, and their increasing
shrillness in saying that anyone not out there writing Unix crypto programs
should stop posting.

Those who only want to read about "malloc" and "struct" are encouraged to
use the filtering tools which they surely have access to and to stop
telling us in shrill voices that posts are "off-topic."

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."