On Mon, Nov 17, 2008 at 4:21 PM, Barry Shein
<bzs(_at_)world(_dot_)std(_dot_)com> wrote:
On November 17, 2008 at 15:13 gklaas(_at_)sacto(_dot_)com (Gerald Klaas)
wrote:
> >> It kills this model dead at any interesting message volume.
>
> True for central authority of crypto cookies, or highly complex
algorithms
> that require significant CPU resources, but what if recipients issued
and
> tracked their own "crypto cookies" (stamps) that senders could obtain in
a
> standard automated method?
>
But this would seem to converge onto a whitelisting or C/R scheme, no?
It would, although the "whitelisting" is as defined by the recipient's
process of verification of cookie/stamp, and the C/R scheme is the defined
standard method of obtaining a cookie/stamp. Note that obtaining a
stamp might or might not be out-of-band from SMTP.
I guess it has the added advantage of some confidence that the sender
is who they say they are since they're presenting your stamp.
The stamp issuer also has the ability to know how that stamp was
generated. If you suppose that a mail recipient runs a dynamic stamp
generator program out-of-SMTP-band over an HTTPS connection, the
generator program may do any number of things before franking a stamp; such
as log the IP address of the stamp requestor, or limit the number of stamps
allowed to certain IP's or domains within a certain time period, or pause a
certain number of milliseconds. Again it's up to the stamp generator (i.e.,
the mail recipient) to determine the level of effort they want to put into
generating and verifying stamps.
(and no, I'm not so quick to try to smash an idea by positing
wide-open cryptographic permeability.)
If you tracked your own cookies you could spot duplicates and take
whatever action you saw fit.
Exactly. It leaves control of the Level of Effort requirement with the
recipient. They may choose to make their stamp generator trivial, or they
may choose to make it somehow 'expensive' for the sender.
I still lean towards trying to create some sort of economic incentive,
it's been difficult to get sites to buy into schemes unless they had
some other clear advantage other than possibly stopping someone else
from spamming.
If there were a standard framework for the "purchase" of stamps and their
"placement" in messages, it would certainly be a possiblity that some
recipients would choose to only accept mail that contained a stamp they
could verify had cost the sender whatever they desired, whether that be
financial, time, or CPU cycles. It would depend on how they implement
their issuing and verification routines in a stamp generator. Such a system
could create an economy for third party stamp generator/verifier services
for persons/domains that didn't wish to run their own.
Here's a question which is almost isomorphic:
How many big commercial sites will do challenge/response with
customers? Any?
And what if you designed the framework so that it could be performed by an
ISP on behalf of their customers, a business enterprise on behalf of their
employees, or an individual user with a reluctant ISP but a smart MUA?
I really don't know, I've never thought to ask before just now.
But there is some parallel in acceptance threshold between
user-generated cookies and a C/R system, no?
I would think so. You're quickly at a chicken and egg scenario. Who's
going to invest effort without immediate clear benefit? Although the
barrier to entry might be so low that small groups of business associates
may choose to deploy amongst themselves regardless of whether the whole
world plays along.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg