On Dec 3, 9:26pm, John Levine wrote:
} Subject: Re: [Asrg] The fundamental misconception about POSTAGE METERS
}
} >> All the sender does is present his identity. The recipient's postage
} >> meter issues a stamp which is only good for sending one message to that
} >> recipient. The sender's "coin" has to come from a bank trusted by the
} >> recipient [...]
}
} >> But can we please stop arguing from the assumption that senders can
} >> arbitrarily print and re-use one stamp for many recipients?
}
} In the scenario above, what happens when a sender buys one coin and
} simultaneously presents it to 1000 recipients?
Whether this question makes sense depends on which scheme you're asking
about.
In Gerald's HTTP/URL based out-of-band exchange, the sender has to get
a token from the recipient before he even begins the SMTP transaction,
so purchasing from multiple recipients with the same coin is a danger.
The paper to which I previously sent a pointer makes the claim that
it's possible to control the degree of duplicate spending in this kind
of situation.
I don't think I grasp Don's Advenge idea well enough to say whether it
poses the same problem.
In my proposed in-band SMTP extension approach, the sender never buys
a coin and never has control of a recipient-generated token. The coin
exchange is carried out between the bank and the recipient, and the
recipient has to agree about which bank to trust. All the sender can
do is describe a bank where he has pre-deposited funds from which the
recipient can obtain a coin, and the maximum denomination of coin he's
willing to spend. Think of it as postage ETRN.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg