From: Adam Shostack <adam@bwh.harvard.edu>
To: hughes@ah.com (Eric Hughes)
Message Hash: db092370752722b389c9db447088db49bc465a0c4717032ffd3689cdaaaef69e
Message ID: <199408292013.QAA16862@bwh.harvard.edu>
Reply To: <9408290345.AA28187@ah.com>
UTC Datetime: 1994-08-29 20:14:58 UTC
Raw Date: Mon, 29 Aug 94 13:14:58 PDT
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 29 Aug 94 13:14:58 PDT
To: hughes@ah.com (Eric Hughes)
Subject: Re: In Search of Genuine DigiCash
In-Reply-To: <9408290345.AA28187@ah.com>
Message-ID: <199408292013.QAA16862@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain
A system built like this is not only expensive in terms of
paying employees, its also asking to be exploited. The people doing
the ID checking are likely to be poorly paid, poorly trained,
undermotivated and easily bribed into entering the data of your
choice, giving away their password, etc.
Also, the folks who do the archiving (the physical tape
swapping, labelling, etc) are likely to be as easily manipulated as
the ones who do the identity verification.
Adam
Eric Hughes wrote:
| Take "recording of names", for example. You're going to have to hire
| (physical) people to look at other (physical) people and look at
| various forms of ID. You'll have to pay these employees, and staff
| costs always dominate the other costs in service industries. You'll
| have to ascertain that a particular public key, for example, matches
| that of the (physical) person who opened the account.
|
| When the gov't comes and asks for all the records for a certain name,
| you'll have to produce all that you have or be criminally negligent.
| I assure you, setting up an archival system for seven years of
| transaction information with high reliability is not inexpensive.
Return to August 1994
Return to “Adam Shostack <adam@bwh.harvard.edu>”
Unknown thread root