On 9/25/07, Pars Mutaf <pars(_dot_)mutaf(_at_)gmail(_dot_)com> wrote:
On 25 Sep 2007 16:33:32 -0000, John Levine <johnl(_at_)iecc(_dot_)com> wrote:
1. The querier user types the target user's "human name" (as if he were
consulting a phonebook), or a pseudoynm.
2. The pairing request is forwarded to the target phone.
3. The query, along with the querier user's name, are displayed on the
target phone's screen.
I have a list of 250,000 people here (scraped off web sites) to whom
I'd just love to make recorded phone calls. Can I use your protocol
to ask them all if it's OK? If not, why not, and how are you going to
Using a Turing test (CAPTCHA) for example.
When you make a request, the target phone returns a captcha. If you
don't provide the right solution, the target user won't even see your
request, it will be dropped. Captcha's difficulty can be adaptively
tuned by the target phone..
So another step should be added to the above description.
A quick addition to my previous mail:
Captcha is proposed for protecting the target user against
disturbing bogus requests.
There is also the 4th step (below) in the original mail which suggests
that user approval is needed before the phone number
(or any info you like) is returned to the querier:
4. The target user approves the request in real-time by pushing on the YES
button of the phone.
I hope this answers your question!
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The
Information Superhighwayman wanna-be, http://www.johnlevine.com ,
"More Wiener schnitzel, please", said Tom, revealingly.
Ietf mailing list