Governance of anonymous financial services
Steve Schear
s.schear at comcast.net
Fri Mar 30 11:34:09 EDT 2007
At 08:23 PM 3/29/2007, Allen wrote:
>Steve,
>
>I assume that you mean the owner of the on-line financial service when you
>say "operator," correct? In which case what exactly are the auditors going
>to be looking at when comes time to audit but the operator's identity,
>whereabouts, the servers and a portion of the assets are undisclosed?
As we have seen in the prosecutions of large corporation officers knowing
their identity is no guarantee that stakeholders will not be
defrauded. Can you explain why knowing the server whereabouts is
required? Certainly there are cryptographically sound ways (e.g., time
stamps from independent and trusted sources, hash chaining, etc.) that anon
DBC mints can provide transaction logs that can be publicly examined and
verified without ever touching the server.
>In a basic sense auditing is to see if the reality behind the books
>matches the books. That the number of sheaves of wheat you have in the
>warehouse match the number you have in the office. If you can not locate
>the reality what are you verifying?
The scenario described and method I proposed I think do address the
identification of assets. I maintain that random sampling can, when
properly carried out, provide a mathematically sound confidence of the
total size of assets.
>I think, rather than governance, this goes to the heart of trust in
>relationships. Governance to me is more the process of verifying that the
>trust is not misplaced and that audits are simply one way, but only one of
>many ways, of quantifying the level of trust one can have in the relationship.
Agreed.
Steve
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list