taler
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] denomination manipulation

From: Sree Harsha Totakura
Subject: Re: [Taler] denomination manipulation
Date: Thu, 26 Nov 2015 17:18:03 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 
On 11/26/2015 03:14 PM, Jeff Burdges wrote:
> Also, we're offering the /keys API call under the same domain as other
> mint functions, so the mint knows the user's identity when they offer
> this information, and they would anyways if they've few customers.

This is why it is important that the mint is accessed anonymously (via
Tor) by the users.

> I'd imagine merchants can also be identified when they access /keys, as
> they do not usually come from tor exit nodes. 
> 
> It's therefore possible to offer different denomination keys to
> different users, and offer merchants the union of all denomination key
> sets.
> 
> Ideally, one should host the different mint API calls on different 1
> -hop onion services, thereby forcing customers and merchants to access
> the mint over Tor.

Alternatively, we can have anonymous ombudsmen to keep checking the
mints' keys anonymously and if there happens to be any foul play by a
mint, they can be then able to prove it since all the lists are signed
by the mint.

Sree
reply via email to
[Prev in Thread] Current Thread [Next in Thread]