On Fri, Aug 29, 2014 at 1:43 PM, Eduardo' Vela" <Nava> <[email protected]> wrote:
>
> Regarding the SPAM problem, on publishing a list of emails vs a derived
> value (scrypt or so): It's a tradeoff of auditability and semi-anonymity. We
> might do it, but we want to be sure sacrificing auditability has been
> thought over before deciding against it.

Yeah, it's questionable how much "semi-anonymity" gets you.

People keep suggesting salt, but I don't think per-user salt is feasible (different salts could map Bob's address to different hashes, allowing the log to contain different public keys for Bob).

So it doesn't seem possible to rate-limit lookups via salt, meaning that confirming email addresses from a Merkle Tree is only limited by hashing speed. People would probably reverse most of the addresses, so this means the difference between publishing, I dunno, 90% of email addresses versus 100%? (Though for targeted users - political candidates, celebrities, etc. - people would tune the searches and have a higher success rate.)

OTOH, even if hashing worked, I'm not sure if you'd be sacrificing much "auditability". I would expect monitors to only be watching logs for changes to specific addresses, which hashing won't interfere with.

So I guess the difference seems small - in either case, most addresses (particularly most "interesting" ones) are exposed and monitoring / auditing works.

Trevor
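The trade-off discussed in this message, as an added Python example that is not part of the original post: a log keyed by a derived value, built once with a single log-wide salt and once with a per-entry salt, to show what a monitor watching one address sees in each case. The function names, the salt, the addresses and the key labels are all constructed for illustration, and a plain dictionary stands in for the Merkle tree.

```python
import hashlib

LOG_SALT = b"constructed-log-wide-salt"  # assumption: one public salt for the whole log

def index(email, salt=LOG_SALT):
    """Derived value published instead of the address (scrypt, small demo cost)."""
    return hashlib.scrypt(email.lower().encode(), salt=salt,
                          n=2**10, r=8, p=1, dklen=32).hex()

def build_log(entries, salt_for=lambda email, key: LOG_SALT):
    """Map derived index -> list of keys; salt_for picks the salt for each entry."""
    log = {}
    for email, key in entries:
        log.setdefault(index(email, salt_for(email, key)), []).append(key)
    return log

def monitor_view(log, email, salt=LOG_SALT):
    """Keys a monitor finds when it looks up the one address it watches."""
    return log.get(index(email, salt), [])

def confirm(log, candidates):
    """Candidate addresses present in the log: one hash each, no other limit."""
    return [c for c in candidates if index(c) in log]

# Constructed sample entries: Bob's real key, Alice's key, and a second key
# submitted under Bob's address.
ENTRIES = [("bob@example.org", "KEY_BOB"),
           ("alice@example.org", "KEY_ALICE"),
           ("bob@example.org", "KEY_ROGUE")]

def demo():
    shared = build_log(ENTRIES)
    # Per-entry salt (here derived from the key label, purely for the demo).
    salted = build_log(ENTRIES, salt_for=lambda email, key: key.encode())
    return {
        # Log-wide salt: both keys share Bob's index, so his monitor sees the extra one.
        "shared_rows": len(shared),
        "shared_view": monitor_view(shared, "bob@example.org"),
        # Per-entry salt: the second key sits under a different index and goes unseen.
        "salted_rows": len(salted),
        "salted_view": monitor_view(salted, "bob@example.org", b"KEY_BOB"),
        # Hashing does not hide membership from anyone holding a candidate list.
        "confirmed": confirm(shared, ["bob@example.org", "carol@example.org",
                                      "alice@example.org"]),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```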
