Payments as an answer to spam

Anton Stiglic astiglic at okiok.com
Thu May 15 11:03:38 EDT 2003 

----- Original Message ----- 
From: "Ian Grigg" <iang at systemics.com>
To: "Anton Stiglic" <astiglic at okiok.com>

[...]
> > I don't agree with that point.  PODS implies
> > PKI, which is not easy at all.  That's the
> > beauty of schemes like hashcash, they need
> > very little administration overhead.
>
> I'd disagree with that.  PODS may
> imply a centralised server architecture
> (but, IMHO, so do payments).  But it
> doesn't imply PKI.  Certs imply PKI.
> One can do a perfectly good payment
> system with PODS, and without PKI.
>
> I'm not actually sure it is possible to
> do a good payment system *with* PKI.
> I'd suspect too much mass above the
> waterline for ultimate stability.

PODS using something à la PGP would not
imply PKI, but still a centralized server
as you said.
Payment systems don't need a PKI, but
a centralized server as you said, and
also needs some kind of financial
institution to bootstrap things (which is easier
to do in a closed system, than in an open
system like the Internet).


> Certainly hashcash has no centralised
> component, which makes it better on
> that point.  But, it doesn't raise
> money.  Those points need to be taken
> in balance.  Money makes a centralised
> server workable, as its paid for.  More
> money makes more centralised servers,
> so scaleability is covered too (crudely
> speaking).

Yes, you'll have the money to pay for the
centralized servers, but the system will become
more complex, which might infringe it's
widespread deployment and use.  Hashcash
is simple

[...]

> Speaking any which way, a scheme which
> relies on "Have Microsoft integrate it ..."
> is dead in the water.  In practice, I think
> we are both agreed that deployment of such
> a protocol remains an unsolved problem!

While I don't like the fact that almost everybody uses
Microsoft products, it's a fact that I have to live with.
If there is something to be added on a client, having
Microsoft add it will force everyone to use it.
It's just a fact of life.  Take Microsoft Word as
an example.

Do you have a proposal which would not involve
Microsoft integrating something, and that would
be used by everyone?


> > The only question that remains for me is if Hashcash-
> > like schemes will really frustrate spamers, so
> > the question is if it's worth to integrate it.
>
> Many people think spammers will find a way,
> and the problem with Hashcash is that it is
> hard to test in the small.  If you and I
> follow the protocol, it means nothing to
> the spammers.

Agreed, that's why you have to put it in all the MUAs,
and after a couple of years everyone will start using it
transparently.  It takes time, but that's the only way to
do it.

--Anton


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list