1993-12-07 - swIPe Internet Draft

Header Data

From: jim@Tadpole.COM (Jim Thompson)
To: cypherpunks@toad.com
Message Hash: 731c9095137dd6184c0169134217461537fea2dc5f66ad9a2a51b9cdcfd8b9ec
Message ID: <9312070006.AA06651@chiba.tadpole.com>
Reply To: N/A
UTC Datetime: 1993-12-07 00:10:12 UTC
Raw Date: Mon, 6 Dec 93 16:10:12 PST

Raw message

From: jim@Tadpole.COM (Jim Thompson)
Date: Mon, 6 Dec 93 16:10:12 PST
To: cypherpunks@toad.com
Subject: swIPe Internet Draft
Message-ID: <9312070006.AA06651@chiba.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain


From owner-cypherpunks  Mon Dec  6 18:30:11 1993
Received: by toad.com id AA28174; Mon, 6 Dec 93 18:25:09 PST
Received: by toad.com id AA28155; Mon, 6 Dec 93 18:23:41 PST
Received: from nova.unix.portal.com (portal.com) by toad.com id AA28151; Mon, 6 Dec 93 18:23:35 PST
Return-Path: <hfinney@shell.portal.com>
Received: by nova.unix.portal.com (5.65b/4.1 1.577) 
	id AA18293; Mon, 6 Dec 93 18:23:53 -0800
Received: from jobe  by portal.unix.portal.com (1.876) 
	id AA20454; Mon, 6 Dec 93 18:23:51 -0800
Received: by jobe (4.1/1.34)
	id AA25786; Mon, 6 Dec 93 18:23:49 PST
Date: Mon, 6 Dec 93 18:23:49 PST
Message-Id: <9312070223.AA25786@jobe.shell.portal.com>
To: cypherpunks@toad.com
From: nobody@shell.portal.com
Comments: This message is NOT from the person listed in the From
 line.  It is from an automated software remailing service operating at
 that address.  Please report problem mail to <hfinney@shell.portal.com>.

>Date: Mon, 6 Dec 93 20:44:56 -0500
>From: "Alan (Miburi-san) Wexelblat" <wex@media.mit.edu>

>I tried "unsubscribe cypherwonks Alan Wexelblat" and got back a barf message
>saying that I had to "unsubscribe <listname> <address>" so I tried
>"unsubscribe cypherwonks wex@media.mit.edu" and got back a barf message
>saying "No matches found for 'wex@media.mit.edu'

>Help!  Is there a human being associated with this annoying piece of crap?
>I suppose I can just add a new formula to my .procmailrc, but I'd rather
>kill it at the source...

I was considering modifying my mail sorting software to forward anything
from "cypherwonks" to ld231782@longs.lance.colostate.edu, as a gift.
Maybe if we all do this, he'll get the hint....

From owner-cypherpunks  Mon Dec  6 15:40:19 1993
Received: by toad.com id AA24584; Mon, 6 Dec 93 15:35:09 PST
Received: by toad.com id AA24522; Mon, 6 Dec 93 15:32:04 PST
Return-Path: <mg5n+@andrew.cmu.edu>
Received: from andrew.cmu.edu ([128.2.10.101]) by toad.com id AA24518; Mon, 6 Dec 93 15:30:44 PST
Received: from localhost (postman@localhost) by andrew.cmu.edu (8.6.4/8.6.4) id SAA28701; Mon, 6 Dec 1993 18:28:08 -0500
Received: via switchmail; Mon,  6 Dec 1993 18:28:04 -0500 (EST)
Received: from haise.res.andrew.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/service/mailqs/q001/QF.Ah0vyDa00awL00eF8E>;
          Mon,  6 Dec 1993 18:26:10 -0500 (EST)
Received: from haise.res.andrew.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/usr12/mg5n/.Outgoing/QF.0h0vy2a00awL4aCEge>;
          Mon,  6 Dec 1993 18:25:55 -0500 (EST)
Received: from Messages.8.5.N.CUILIB.3.45.SNAP.NOT.LINKED.haise.res.andrew.cmu.edu.pmax.ul4
          via MS.5.6.haise.res.andrew.cmu.edu.pmax_ul4;
          Mon,  6 Dec 1993 18:25:54 -0500 (EST)
Message-Id: <Mh0vy2S00awL0aCEZY@andrew.cmu.edu>
Date: Mon,  6 Dec 1993 18:25:54 -0500 (EST)
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
To: cypherpunks@toad.com, bdolan <71431.2564@CompuServe.COM>
Subject: Re: Digicash question
In-Reply-To: <931206210540_71431.2564_FHA55-1@CompuServe.COM>
References: <931206210540_71431.2564_FHA55-1@CompuServe.COM>

A newbie, bdolan <71431.2564@CompuServe.COM> timidly asked:

> X gives $101 to First Digital Bank, which gives X a PGP-signed
> password representing a claim on $100 (or maybe they would do
> this just for the "float").  X gives the $100 password to Y, in
> exchange for a narco-terrorism decoder ring.  Y, being a cautious
> soul, calls First DigiBank immediately and gives it the password.
> DigiBank pockets $1 and issues Y a new signed password good
> for $99.  Note that DigiBank (1) doesn't need to know who Y
> is and (2) ensures that a given money-password is only spent
> once.  By the same method, Y can pay Z and Z can deposit the
> credit in BillnHill's S&L for settlement.  Or the money can keep
> floating around until DigiBank gets it all, which is what
> usually happens now ;-)

Well, it could work that way.  The only thing that I see being a problem
is that you're using public-key crypto when you don't really need to. 
This allows the bank to associate a public key with an identity.  (which
is what Derek Atkins <warlord@MIT.EDU> said.)  But, basically, you could
simplify the system to this: X has a password which is worth $100 in
cash from FDB.  X gives the password to Y.  Y then calls the bank and
changes the password to whatever he wants.  Y now has $100 digital money
(minus the bank's transaction fee).  The bank has no way of knowing who
gave them the new password.  (You could also have the bank generate
random passwords, and give them to the client.)  Notice that no public
keys (and no identification) is used.  The only need for public keys in
such a situation would be to establish a secure transmission channel; in
which case, someone could make up a random keypair, make a transaction
with the bank and then discard the private key - the money would be
identified by the secret password.
The only other thing to point out, is that each digital
coin/token/denomination must have its own password - what if he only
wanted to spend $57 and not $100?  So each dollar would have to be
seperate; to spend $100, X would have to give Y 100 seperate passwords. 
Unless, of course, you have digicoins of different denominations, but
then you have to have correct change.

Of course, you are still left with the the problem of needing to trust
the bank. :(

Good point about the bank taking its cut - I think we need to come up
with a fair system for dealing with that...


P.S. I'm glad to see some people on this list still want to talk about
real crypto, instead of, ahem, other distractions...

From owner-cypherpunks  Mon Dec  6 15:40:11 1993
Received: by toad.com id AA24546; Mon, 6 Dec 93 15:33:22 PST
Received: by toad.com id AA24543; Mon, 6 Dec 93 15:33:14 PST
Return-Path: <pmetzger@lehman.com>
Received: from lehman.com ([192.147.66.1]) by toad.com id AA24539; Mon, 6 Dec 93 15:33:09 PST
Received: from relay.lehman.com by lehman.com (8.6.4/LB 0.1)
	id SAA19346; Mon, 6 Dec 1993 18:33:00 -0500
Received: from kublai.lehman.com by relay.lehman.com (4.1/LB-0.6)
	id AA01184; Mon, 6 Dec 93 18:32:48 EST
Received: from snark.ts.lehman.com by kublai.lehman.com (4.1/SMI-4.1)
	id AA24123; Mon, 6 Dec 93 18:32:46 EST
From: pmetzger@lehman.com (Perry E. Metzger)
Received: from localhost by snark.ts.lehman.com (8.6.4/8.6.3)
	id SAA10971; Mon, 6 Dec 1993 18:32:45 -0500
Date: Mon, 6 Dec 1993 18:32:45 -0500
Message-Id: <199312062332.SAA10971@snark.ts.lehman.com>
To: cypherpunks@toad.com
Subject: moderated cryptography list
Reply-To: pmetzger@lehman.com
X-Reposting-Policy: redistribute only with permission


Hello, all.

I'm looking for a site willing to host a high-quality moderated
cryptography mailing list which I am thinking of starting up.  The
list would be designed as a low volume, high readership, high quality
source for

1) In-depth technical discussions of cryptography
2) Announcements of cryptographic products
3) Announcements of news items of interest to the cryptography
   community.
4) VERY limited numbers of postings on the social implications of
   cryptography, and I mean VERY limited.

All postings would be explicitly approved by the moderator before
going out to assure quality. Yes, that means fascistic restriction of
your capacity for free speech, in exchange for not being overwhelmed
with garbage every day.

It is ultimately envisioned that should the list be a success I would
try to move it to a moderated Usenet newsgroup.

If you think that such a list is a Good Thing, and you can host it
(which requires that you have a good internet connection and root
access or similar on the machine in question), please let me know.
I'll do all the work, and the crypto community will thank you
tremendously.

Perry Metzger

From owner-cypherpunks  Mon Dec  6 15:50:08 1993
Received: by toad.com id AA24625; Mon, 6 Dec 93 15:40:08 PST
Received: by toad.com id AA24609; Mon, 6 Dec 93 15:36:39 PST
Return-Path: <mech@eff.org>
Received: from eff.org by toad.com id AA24600; Mon, 6 Dec 93 15:36:25 PST
Received: from localhost (mech@localhost) by eff.org (8.6.4/8.6.4) id SAA18789; Mon, 6 Dec 1993 18:36:10 -0500
From: Stanton McCandlish <mech@eff.org>
Message-Id: <199312062336.SAA18789@eff.org>
Subject: GAO's "Comm. Privacy: Federal Policy & Actions" now online!
To: eff-talk@eff.org
Date: Mon, 6 Dec 1993 18:36:10 -0500 (EST)
Cc: alt.politics.datahighway@eff.org, sci-crypt@cs.utexas.edu,
        alt-privacy-clipper@cs.utexas.edu, alt-security-pgp@cs.utexas.edu,
        cypherpunks@toad.com, thesegroups@tic.com, alt-activism@cs.utexas.edu,
        alt-privacy@cs.utexas.edu, comm-priv@psi.com
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 2830      

The US General Accounting Office's report, "COMMUNICATIONS PRIVACY:
Federal Policy and Actions" is now online at both the GAO and EFF ftp sites.

From EFF, you can get the document via anonymous ftp to ftp.eff.org.  The
document is ~pub/eff/papers/osi-94-2.txt.

The file is ~143K.

Here's some info on the report from the latest EFFector Online (6.06):

____ begin fwd _____

Subject: Government Accounting Office Report on Communications Privacy

A few days ago, the Government Accounting Office (GAO) -- an important
internal government investigative organization that's about a lot more
than accounting -- issued a report on communications privacy.

The report makes four very important findings:

1. Privacy-protecting technology (crytopgraphy) is increasingly important
for protecting the security of business communications and personal
information.  But federal policy is getting in the way of this technology.

"Increased use of computer and communications networks, computer literacy,
and dependence on information technology heighten US industries risk of
losing proprietary information to economic espionage.  In part to reduce
the risk, industry is more frequently using hardware and software with
encryption capabilities.  However, federal policies and actions stemming
from national security and law enforcement concerns hinder the use and the
export of U.S. commercial encryption technology and may hinder its
development."

2. The NSA's role in this area is has been extensive, and possibly beyond
the spirit of the Computer Security Act.

"Although the Computer Security Act of 1987 reaffirmed NIST's reponsibility
for developing federal information-processing standards for security of
sensitive, unclassified information, NIST follows NSA's lead in developing
certain cryptographic standards"

3. Opportunity for public input in the standards process has been
insufficient, leading to proposals like Clipper which lack public support.

"These policy issues are formulated and announced to the public, however,
with very little input from directly affected business interests, academia,
and others."

The report draws no specific policy conclusions, but provides excellent
ammunition for those of us who are trying to open up the standards process
and get export controls lifted.

Full text of the report (GAO/OSI-94-2 Communications Privacy: Federal
Policy and Actions) has been made available by ftp from GAO.

The document can be obtained from EFF's FTP site as
~pub/eff/papers/osi-94-2.txt

-- 
Stanton  McCandlish  mech@eff.org  1:109/1103   EFF  Online  Activist & SysOp
O P E N  P L A T F O R M   C R Y P T O P O L I C Y   O N L I N E  R I G H T S
N  E  T  W  O  R  K  I  N  G      V  I  R  T  U  A  L     C  U  L  T  U  R  E
I   N   F  O :  M   E   M   B   E   R   S   H   I   P  @  E  F  F  .  O  R  G

From owner-cypherpunks  Mon Dec  6 16:13:26 1993
Received: by toad.com id AA25376; Mon, 6 Dec 93 16:10:09 PST
Received: by toad.com id AA25248; Mon, 6 Dec 93 16:07:00 PST
Return-Path: <unicorn@access.digex.net>
Received: from access.digex.net ([164.109.10.3]) by toad.com id AA25244; Mon, 6 Dec 93 16:06:53 PST
Received: by access.digex.net id AA23282
  (5.67a8/IDA-1.5 for cypherpunks@toad.com); Mon, 6 Dec 1993 19:05:55 -0500
Date: Mon, 6 Dec 1993 19:05:55 -0500
From: Black Unicorn <unicorn@access.digex.net>
Message-Id: <199312070005.AA23282@access.digex.net>
To: nowhere@bsu-cs.bsu.edu, sdw@meaddata.com
Subject: Re: Anarchy Gone Awry (fwd)
Cc: cypherpunks@toad.com, cypherwonks@Lists.EUnet.fi


This post is a perfect example why the two lists should be kept seperate
and not merged.  This sounds to me like it belongs on alt.politics.data-
highway.

-uni- (dark)

From owner-cypherpunks  Mon Dec  6 14:33:20 1993
Received: by toad.com id AA23201; Mon, 6 Dec 93 14:30:08 PST
Received: by toad.com id AA23182; Mon, 6 Dec 93 14:26:47 PST
Return-Path: <mech@eff.org>
Received: from eff.org by toad.com id AA23174; Mon, 6 Dec 93 14:26:34 PST
Received: from localhost (mech@localhost) by eff.org (8.6.4/8.6.4) id RAA17143 for cypherpunks@toad.com; Mon, 6 Dec 1993 17:26:25 -0500
Received: from lassie.eunet.fi (lassie.eunet.fi [192.26.119.7]) by eff.org (8.6.4/8.6.4) with SMTP id NAA11272 for <mech@eff.org>; Mon, 6 Dec 1993 13:01:02 -0500
Received: by lassie.eunet.fi id AA26077
  (5.67a/IDA-1.5 for mech@eff.org); Mon, 6 Dec 1993 20:00:58 +0200
Date: Mon, 6 Dec 1993 20:00:58 +0200
Message-Id: <199312061800.AA26077@lassie.eunet.fi>
To: mech@eff.org
From: Majordomo@Lists.EUnet.fi
Subject: Welcome to cypherwonks
Reply-To: Majordomo@Lists.EUnet.fi
Sender: mech@eff.org

Welcome to the cypherwonks mailing list!

If you ever want to remove yourself from this mailing list, send the
following command in email to "Majordomo@Lists.EUnet.fi":

    unsubscribe cypherwonks Stanton McCandlish <mech@eff.org>

Here's the general information for the list you've subscribed to, in
case you don't already have it:


This is the Cypherwonks mailing list

Below is The Cypherwonk Charter, by L. Detweiler, Cypherwonk Janitor

The cypherwonks are a splinter group from the cypherpunks also
interested in promoting and implementing cryptographic technology.
However, we have unique ideas on how to successfully implement these
radical new capabilities to ensure privacy without encouraging criminal
behaviors like forgery and `online predation'. We are also interested
in a far more ambitious goal of `technological progress' that
transcends a mere obsession with privacy and anonymity. The cypherwonks
believe that many aspects of a identification and government are
necessary and crucial for any social stability (particularly related to
judicial and law enforcement systems), and are quite alarmed at talk
about a `cryptoanarchy' resulting from the mere implementation of
software protocols -- although we realize that radical new forms of
government may appear with these new technologies, embodied in one term
`Electronic Democracy'.

We believe that while sometimes the `majority' can become a `tyranny',
in general the idea of voting as a civilized way of resolving proposals
and `one person, one vote' are sacred, and we are interested in
implementing systems that promote interaction and collaboration among
motivated and enthusiastic members, whether within the cypherwonk
organization or within their nations (cypherwonks, of course, try to
think free of local prejudices, and globally).

Cypherwonks understand that *trust* and *honesty* are inherent in all
human endeavors, *particularly* communication. We recognize that people
trust others not to reveal our private email unless given permission,
we trust others not to use information from our mail or about their
identities to adverse aims, we trust that systems delivering mail will
not be corrupted by criminals, or if they get caught there will be
serious consequences, and many other explicit and implicit variations.
We know that there are many ingenious ways of minimizing the amount of
trust required in unknown components such as with the use of
cryptography or pseudonyms, and we seek passionately to invent and use
them, but at the root level, email is an exchange between human beings
who trust each other. Therefore, we hold a sense of ethics and morality
in strong reverence, and even though we're not always precisely sure
what they entail, we know that they exist and we strive for the right
ideal. We abhor the idea that `it's not wrong if you can get away with
it' or other variations of moral relativism.

Cypherwonks are also extremely interested in promoting and implementing
`digital cash', but believe that while invariably the state's taxes
tend to become burdensome, few civilized, technological societies are
free of them, and certainly we do not advocate tax evasion, `black
marketeering', or any other subversive or illegal activities through
cryptographic techniques, and even beyond this we seek design protocols
that discourage these subversive aims in general, because of their
toxic, fragmentary effect on social unity.

Cypherwonks recognize that our mailing list is extremely critical in
coordinating our movement and our fellow members. It is our central
nervous system. While the list is informal, we demand a professional
atmosphere, and will privately object to people who are publicly rude
or belligerent. But we are also extremely careful about what we say to
each other in private, because people can be extremely influenced by
what they receive in mail. We would be aghast and horrified to find
that somebody viciously criticized someone in private mail based on
public postings, for example. We place high value on being courteous to
each other and minimizing disagreement where possible, forging
consensus, and the art of diplomacy in surmounting political barriers.
We trust each other on the list and in personal email. We wish to have
an open, uplifting, inspiring, honest, representative, polite,
respectful, egalitarian dialogue. We will never use the mailing list
for personal or selfish reasons -- we strive to serve our fellow
cypherwonks through our postings. We are what we claim to be. We abhor
secrecy, `security through obscurity', and conspirational cliques.

Cypherwonks are extremely interested in promoting some forms of
anonymity. However, we do not necessarily believe that others are
required to read anonymous postings. To the contrary, we believe that
the individual should have the tools and freedom to filter his or her
own mail based on real identities. In particular, we condemn the
practice of `pseudospoofing,' the dangerous deception where a person
builds up a pseudonym and misrepresents it as being that of a real
person's identity. We police each other on the list to prevent it, and
require a promise that our members refrain from it. While our trust can
be betrayed, only those that are honest are true cypherwonks, and
anyone who betrays our trust we consider a dishonist hypocrite, or worse, a tra
  *itor.

Cypherwonks are extremely interested in building tangible systems.
Engineers who love to discuss the nitty-gritty details of some scheme
are at home on the cypherwonks list. We like to impress each other with
our knowledge but at the same time state it in relevant and humble
terms. We are not trying to win popularity contests with our postings.
We are trying to accomplish ambitious endeavors. We are especially
ecstatic to make connections with other cypherwonks interested in the
same projects we are, and cooperating to build useful tools. We like to
give status reports of our intermittent real-world meetings and




Thread