--
> > this means that with the proposed 29 bits, it would take
> > about 1.5 hours on the celeron 333, and more than one day
> > on the 486.
On 9 Mar 2002, at 14:29, Adam Back wrote:
> So this is indeed a problem.
>
> The other proposal I saw recently here was adapative
> charging -- charge nothing unless flood is detected, then
> increase postage requirement dynamically until the flood is
> squelched when the flooder is slowed down to a trickle.
>
> This has a couple of problems -- firstly the sender has no
> direct connection to the resource which is setting the
> price, so it is inconvenient to find out what value to put
> on the token. Anyway by the time the token arrives perhaps
> the price has increased and so the mail bounces.
>
> Related to anonymity: anonymous users don't want to direct
> http connections or such to find out what the current price
> is as that will tend to identify them as remailer users, as
> well as tending to correlate their true identify with their
> anonymous posts due to timing correlations between the two
> events.
>
> Some other ideas:
>
> What about is-a-person credentials with some non-trivial
> purchase cost. So a new nym would go to a web page do some
> proof of being human (type in a number contained in a gif),
> maybe do some proof of work (hashcash), and do some mild
> proof of uniqueness and anti-theft of credential (mail the
> credential to the email address given).
>
> If the same email-address is used twice, the user will be
> refused another credential.
>
> The user can then use the credential pseudonymously without
> being identified. If the user exceeds some pre-defined
> volume limit on the resource, the resource revokes the
> pseudonym.
>
> This has more of the desireed properties: there is some
> sign-up over-head for all users, which adds some
> inconvenience for regular users, but at least it is only
> one-off for them. For flooders on the other hand they can
> only send some sane limit per day of messages per nym; and
> the overhead of creating a whole stream of nyms to make a
> big flood is sufficiently inconvenient to make it quite
> tedious, though of course not impossible for some truly
> dedicated person who wants to spend all day typing numbers
> contained in images, minting 24hours worth of hashcash on a
> normal machine etc.
>
> If you wanted to get fancy you might be able to arrange
> that if the nym sent more than a certain volume of messages
> in a time period his email address would be revealed.
>
> Thoughts on this?
>
> (The anonymous is-a-person credentials could be built with
> Chaum's credentials, or more flexibly with Brands'
> credentials, perhaps Wagner's blind MAC based e-cash
> scheme.)
Much too complicated, much too clever.
If 29 bits of hashcash is too high, make it 27 bits.
I cannot see what is wrong with hashcash. Some people will
be inconvenienced more than others, but flooders will be far
more inconvenienced than anyone else. Just set the hashcash
price high enough to substantially reduce the flooding. It
will not be high enough to substantially reduce proper usage.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
4NIv8wvKmxEYYQ3EQCDK9nHl8Af4TSxN6rM+i0Oc
4hg6Xd4RviFy6NVuU3nxpUuwD18DOMI04QZ9oOOxB
