Payments as an answer to spam

Ian Grigg iang at systemics.com
Sat May 17 12:23:50 EDT 2003 

Anton Stiglic wrote:

> Payment systems [...] needs some kind of financial
> institution to bootstrap things (which is easier
> to do in a closed system, than in an open
> system like the Internet).

(See my other email on this!)

> Yes, you'll have the money to pay for the
> centralized servers, but the system will become
> more complex, which might infringe it's
> widespread deployment and use.  Hashcash
> is simple

Right!  It's a bit chalk and cheese, at
that level.

> > Speaking any which way, a scheme which
> > relies on "Have Microsoft integrate it ..."
> > is dead in the water.  In practice, I think
> > we are both agreed that deployment of such
> > a protocol remains an unsolved problem!
> 
> While I don't like the fact that almost everybody uses
> Microsoft products, it's a fact that I have to live with.


And that precisely is the point:  We have
to live with what they choose.  And, they
choose not to do hashcash.  Not only do
they choose not to do hashcash, I think I
can fairly confidentally say they will
*never* choose to do hashcash (simply because
it makes no sense for Microsoft to do so...).

You literally have no say, nor I, nor any
one, on what Microsoft does.

So, to say that "Have Microsoft implement
it" is actually an impossibility.  None
of us can 'have' Microsoft do anything,
so it's futile to propose anything that
relies on that step.

OTOH, implementing the protocol - whichever
be it hashcash or payments or whitelists -
*can* be done in the free mailers out there.
We can all quit our day jobs and code for
the Mozilla mailer project or whichever,
and have this thing whipped out in a year
or so.  That is within our power.

Whether it is a sensible thing to do is
what people are discussing, as it is simply
not clear what the best way to solve the
spam problem is.


> If there is something to be added on a client, having
> Microsoft add it will force everyone to use it.
> It's just a fact of life.  Take Microsoft Word as
> an example.
> 
> Do you have a proposal which would not involve
> Microsoft integrating something, and that would
> be used by everyone?


I actually don't have a complete proposal.
I'm just knocking holes in yours!  Sorry
for that.

I can say that a successful protocol
will deliver gains early on, and thus
reward the implementors in their efforts
to code it up into the 'open' mail
software products.

Later on, there is a possibility of
forcing Microsoft to adopt a successful
protocol, or risk being squeezed out of
the market.  It's slim pickings, but in
terms of Microsoft, that's all we, the
net people, have.

C.f., the web v. Blackbird, Java v.
C-sharp, etc etc.


> > > The only question that remains for me is if Hashcash-
> > > like schemes will really frustrate spamers, so
> > > the question is if it's worth to integrate it.
> >
> > Many people think spammers will find a way,
> > and the problem with Hashcash is that it is
> > hard to test in the small.  If you and I
> > follow the protocol, it means nothing to
> > the spammers.
> 
> Agreed, that's why you have to put it in all the MUAs,
> and after a couple of years everyone will start using it
> transparently.  It takes time, but that's the only way to
> do it.


Which is why, when we say that a spam
protection system only works when all
follow it, this actually means it is
unworkable.  Because there is no way
for us to implement a protocol that
everyone will adopt (or have adopted
for them).

-- 
iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list