Payments as an answer to spam
Anton Stiglic
astiglic at okiok.com
Thu May 15 11:03:38 EDT 2003
----- Original Message -----
From: "Ian Grigg" <iang at systemics.com>
To: "Anton Stiglic" <astiglic at okiok.com>
[...]
> > I don't agree with that point. PODS implies
> > PKI, which is not easy at all. That's the
> > beauty of schemes like hashcash, they need
> > very little administration overhead.
>
> I'd disagree with that. PODS may
> imply a centralised server architecture
> (but, IMHO, so do payments). But it
> doesn't imply PKI. Certs imply PKI.
> One can do a perfectly good payment
> system with PODS, and without PKI.
>
> I'm not actually sure it is possible to
> do a good payment system *with* PKI.
> I'd suspect too much mass above the
> waterline for ultimate stability.
PODS using something à la PGP would not
imply PKI, but still a centralized server
as you said.
Payment systems don't need a PKI, but
a centralized server as you said, and
also needs some kind of financial
institution to bootstrap things (which is easier
to do in a closed system, than in an open
system like the Internet).
> Certainly hashcash has no centralised
> component, which makes it better on
> that point. But, it doesn't raise
> money. Those points need to be taken
> in balance. Money makes a centralised
> server workable, as its paid for. More
> money makes more centralised servers,
> so scaleability is covered too (crudely
> speaking).
Yes, you'll have the money to pay for the
centralized servers, but the system will become
more complex, which might infringe it's
widespread deployment and use. Hashcash
is simple
[...]
> Speaking any which way, a scheme which
> relies on "Have Microsoft integrate it ..."
> is dead in the water. In practice, I think
> we are both agreed that deployment of such
> a protocol remains an unsolved problem!
While I don't like the fact that almost everybody uses
Microsoft products, it's a fact that I have to live with.
If there is something to be added on a client, having
Microsoft add it will force everyone to use it.
It's just a fact of life. Take Microsoft Word as
an example.
Do you have a proposal which would not involve
Microsoft integrating something, and that would
be used by everyone?
> > The only question that remains for me is if Hashcash-
> > like schemes will really frustrate spamers, so
> > the question is if it's worth to integrate it.
>
> Many people think spammers will find a way,
> and the problem with Hashcash is that it is
> hard to test in the small. If you and I
> follow the protocol, it means nothing to
> the spammers.
Agreed, that's why you have to put it in all the MUAs,
and after a couple of years everyone will start using it
transparently. It takes time, but that's the only way to
do it.
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list