solving the wrong problem
Steven M. Bellovin
smb at cs.columbia.edu
Sat Aug 6 17:16:24 EDT 2005
In message <27062101.1123360215327.JavaMail.root at elwamui-lapwing.atl.sa.earthli
nk.net>, John Kelsey writes:
>
>On the other hand, think about the uses of this technology
>for paper bearer instruments. Design travelers' checks that
>include a 2D barcode with a BLS signature, bound to the
>piece of paper, and you can print the damned thing on
>regular paper if the readers are cheap enough. Similar
>things apply to stamps, tickets, etc.
Tickets are an excellent use for this, because it binds the printing to
a specific physical object. The concert industry has had a problem
with trying to use print-at-home tickets -- the fraudsters buy a single
ticket, then print it multiple times and sell the resulting tickets to
others. One group is resorting to requiring ID at the door -- buyers
will never have a physical ticket until after they're escorted inside,
to eliminate the opportunity for such fraud. (See
http://www.nytimes.com/2005/08/06/arts/music/06scal.html for more
details.)
Yes, you could do everything via an online system based on identity
documents. Apart from the privacy implications, and the problem of
coping with network failures just prior to the start of a concert or
game, dealing with the multiple forms of ID people carry isn't easy; it
requires a fair amount of preparation and infrastructure. As I said,
people may be moving in that direction, but the article itself called
the scheme "laborious"; the band's manager called it "unbelievably
cumbersome".
I don't disagree with Perry's basic statement -- that a lot of people
try to solve the wrong problem. Here, though, we have a tool. It
remainds to be determined if it's a hammer, screwdriver, or wrench, and
hence what problems to apply it to.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list