At 10:12 AM 11/14/2003, Yakov Shafranovich wrote:
Eric S. Raymond wrote:
--- draft-crocker-spam-techconsider-02.txt 2003/11/14 16:37:39 1.1
+++ draft-crocker-spam-techconsider-02.txt 2003/11/14 16:52:25
@@ -566,6 +566,19 @@
is also not clear who should receive the fees or how
they should be disbursed.
+ Another possible form of sender-pays is to impose costs
+ at mail-transaction time without trying to clear them as
+ payments in the real world -- so-called "hash-cash" schemes.
+ The purpose of such techniques is not to compensate the
+ receiver for reading spam but to impose a friction cost on
+ spammers, ideally one that would make bulk-mail prohibitively
+ expensive. Hash-cash schemes rely on the existence of
+ challenge-response methods in which the response is provably
+ expensive to compute. A difficulty with them is that their
+ effectiveness could be diluted or eliminated by techniques
+ such as zombie-flood spamming attacks in which the spammer
+ essentially does not care about the amount of time any one
+ hijacked machine has to spend shipping a spam.
I forwarded the comments to Dave Crocker. However, my question is whether
we should add a comment here about the fact that spammers can build
specialized computers to do hashcash calculations and then perhaps rent it
out to other spammers to use. That possibility has been mentioned on the
list before. Even though it increases their costs, that increase might not
be enough to make spam not profitable.
This has been addressed in various places before (not in ASRG archives?).
http://www.camram.org/camram_works.html addresses it. There are answers to
this problem that involve developing a mix of resource commitments and not
just SHA1.
Mark
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg