Re: postage without licking or sticking -- just clicking.

Carl A. Wescott (eyethink@cse.ucsc.edu)
Sat, 11 Apr 1998 14:49:42 -0700

• Next message: Lucky Green: "ECC security [was: Re: mercury rising query...]"
• Previous message: Martin G. Diehl: "Re: postage without licking or sticking -- just clicking."
• In reply to: Mark A. Herschberg: "postage without licking or sticking -- just clicking."

> My first reaction to the estamp was "traffic analysis" -
> the estamp has enough room in its bar code to keep track of
> who bought the stamps. The web site doesn't indicate the
> data formats....

        Hmmm, it _has_ to in order to detect double spending. Suppose
        you were able to capture the "stamp" at the printer port and
        "reimport" it as a graphic format -- that stamp could be used
        over and over.

IBIP is not impervious to replay attacks. Replay in this case would
require the same receiver/addressee of the mail. The costs of (full) auditing
for replay fraud would be enormous & probably not worth it. The (forseen) market
for IBIP products right now is primarily the business market. Like
with software piracy, it seems unlikely that corporations will engage
in postal fraud - they have too much to lose and too little to gain.

--Carl

• Next message: Lucky Green: "ECC security [was: Re: mercury rising query...]"
• Previous message: Martin G. Diehl: "Re: postage without licking or sticking -- just clicking."
• In reply to: Mark A. Herschberg: "postage without licking or sticking -- just clicking."