1995-01-29 - Re: Data Bank

Header Data

From: norm@netcom.com (Norman Hardy)
To: cypherpunks@toad.com
Message Hash: f4c5ed604055833bbdaeb7e27c13b3e12c2f482e979aa5b2ce7efc5ff06d4df7
Message ID: <ab51855603021004ede6@DialupEudora>
Reply To: N/A
UTC Datetime: 1995-01-29 18:22:04 UTC
Raw Date: Sun, 29 Jan 95 10:22:04 PST

Raw message

From: norm@netcom.com (Norman Hardy)
Date: Sun, 29 Jan 95 10:22:04 PST
To: cypherpunks@toad.com
Subject: Re: Data Bank
Message-ID: <ab51855603021004ede6@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


My second posting crossed in the mail with Eric's notes.

At 9:09 AM 1/29/95, Eric Hughes wrote:
>   From: norm@netcom.com (Norman Hardy)
....
>
>   The hat check is signed blindly by the bank and is a
>   bearer instrument.
>
>There's no need to have it signed blind.  A blind signature is useful
>when two parties have some persistent relationship with the
>intermediary; when they don't have identity, there's no need for
>blinding.
....
> We therefore conclude that there's no need for a blind
>signature here at all.

Yes, I was confused.  jpp@markv.com had yet other valid objections.
....
>   Cancel a hat check: A holder of a hat check may sell it back to the bank at
>   a negotiated price thus releasing the bank from the threat of paying a
>   penalty in the future.
>
>This cancellation can't be done well.  Remember that the parties are
>remaining anonymous to the data bank.  In order to release the data
>bank of an obligation, some party would have to make some signed
>statement releasing the data bank from the obligation.  But making a
>signature reveals identity, perforce.

I have a novel sense of cancelation in mind. The check is canceled by the
mere fact that the bank knows the Secret that produced the SH(Secret) in
the check. The bank need not acquire or maintain a signed check revocation.
This is sort of like Chaum's spent bills. This requires the client to trust
the bank during the penalty transaction or to require escrow service. I
have modified the original to describe this better.

>
>Furthermore the retrieval note is a bearer instrument, but it's a
>_digital_ bearer instrument, which means you can't simply give the
>note back to the data bank.  There's no piece of paper to return.
>Once the note is out there, it's out there forever.  There can be lots
>and lots of bearers.  Which one of them gets to release the data bank
>of its obligation?
....
Any bearer. Just as any bearer of a Chaum bill can spend it. Only he who
spends it first, can spend it. Disseminate your hat checks carefully. That
is another reason that Getty, in the example, holds the hat check
carefully.
....
>   The hat check may specify expiration dates, cancellation terms etc.
>
>The retrieval note very well should specify an expiration date, since
>otherwise the data bank has specified an obligation in perpetuity.  A
>perpetual obligation is much less stable than a fixed-time one.  The
>value to the data bank of disappearance grows larger as the cost of
>storing the data increases.  No new external revenue is coming in (by
>definition -- otherwise you've got a renewable agreement, which is
>different) and all you've got is costs.  So there becomes little
>reason not to simply abscond with the assets and deny any outstanding
>obligations.
>
>A customer, therefore, would be wise not to deal with a data bank
>which signed perpetual obligations.  If a customer wants indefinitely
>long storage, the best way to do this is with a set of interlocking
>obligations with mutually ignorant parties.
....
Good points. I anticipate more complex broker services here.

I like the idea of a penalty for delay in retrieving the data aside from
penalty for loosing the data. This may be strategic in the bank's arranging
for the storage and retrieval from other sites and banks.

Thanks. I will try to produce an emmended version thru ftp soon.







Thread