How about figuring out a robust hashcash and signature mechanism, and
considering how well it would work, including the possibility of third
parties selling hashcash as a form of decentralised e-postage. There's
already some work in this area, which can be built upon, but a summary
of this would be useful.
Oh, and I think I've figured out a way to do signatures without
involving the message content (which is liable to change in transit
under various circumstances). It ties in neatly with hashcash. :)
Simply put, since the hashcash must be unique per message, do the
signature on the hashcash rather than the message itself. For messages
which don't require high-value hashcash due to whitelisting, generate a
trivial (say 8-bit) unique hashcash and use that for the signature.
Hashcash and signatures are non-starters (or deserve to be) for the simple and
immutable reason that compromised spambot zombies will pump out large numbers
of
hashcash-certified, signature-carrying spams.
AGAIN, THIS DOES NOT SOLVE THE PROBLEM. It only makes the system more
complicated and expensive.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections! http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg