> -----Original Message-----
> From: Tim May [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, March 07, 2000 2:50 PM
> To: Stefan Brands
> Cc: '[EMAIL PROTECTED]'
> Subject: RE: About payee untraceability ...
>
> At 10:59 AM -0800 3/7/00, Stefan Brands wrote:
> >...
> >Here you circumvent the major issue by not addressing the concern.
> >If the design itself does not prevent it, then the extortion attack
> >cannot be prevented; contractual arrangements do not help, clearly.
> >Am I correct that you propose that the system should be designed in
> >such a way that there is zero protection against remote extortion?
>
> Yes.
>
> There are many "bad things" done with money.
>
> I've been writing about untraceable extortion and contract
> killings since
> 1988; I talked to Chaum about these issues at Crypto '88, and
> I am very
> well aware of bad things which are made easier--and other bad
> things which
> are made harder--with two-way untraceable digital cash.
>
> Attempting to head off _some_ perceived bad things by
> building traceability
> into digital cash is a strategic mistake, one the market will punish.
You are right in case the design would be *limiting* the functionality
of the system without there being a need. Here, though, we are choosing
from one of two different functionalities that cannot be achieved at
the same time. The market might just as well punish your decision of
building the remote extortion possibility into the design -- in fact,
consumers may prefer not to adopt it in light of this risk. Is that
worthwhile to you?
Stefan
