It is possible to defend against this threat, but not cheaply, since
the defense requires a robust transaction system that can serialize
the thousand requests, approve one, and reject the other 999, while
still providing service to the rest of their customers.
Nonsense. You just make the purchased stamp dependent upon the address of
the recipient, for example by hashing the To: address inside the
cryptographic stamp when it's minted.
Aw, come on. Please don't tell me I have to explain why this model has
the exact same problem.
Really, if you're the least bit serious about doing this, you need a
performance model to help analyze proposals, many of which are likely
to have much more subtle problems than this one.
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg