Governance of anonymous financial services

Steve Schear s.schear at comcast.net
Fri Mar 30 11:34:09 EDT 2007


At 08:23 PM 3/29/2007, Allen wrote:
>Steve,
>
>I assume that you mean the owner of the on-line financial service when you 
>say "operator," correct? In which case what exactly are the auditors going 
>to be looking at when comes time to audit but the operator's identity, 
>whereabouts, the servers and a portion of the assets are undisclosed?

As we have seen in the prosecutions of large corporation officers knowing 
their identity is no guarantee that stakeholders will not be 
defrauded.  Can you explain why knowing the server whereabouts is 
required?  Certainly there are cryptographically sound ways (e.g., time 
stamps from independent and trusted sources, hash chaining, etc.) that anon 
DBC mints can provide transaction logs that can be publicly examined and 
verified without ever touching the server.


>In a basic sense auditing is to see if the reality behind the books 
>matches the books. That the number of sheaves of wheat you have in the 
>warehouse match the number you have in the office. If you can not locate 
>the reality what are you verifying?

The scenario described and method I proposed I think do address the 
identification of assets.  I maintain that random sampling can, when 
properly carried out, provide a mathematically sound confidence of the 
total size of assets.

>I think, rather than governance, this goes to the heart of trust in 
>relationships. Governance to me is more the process of verifying that the 
>trust is not misplaced and that audits are simply one way, but only one of 
>many ways, of quantifying the level of trust one can have in the relationship.

Agreed.

Steve 

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list