1995-01-10 - Re: for-pay remailers and FV

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 48990d8f7c036928012f4bff2ddc380d5714018326c97ef2ce494335472f730c
Message ID: <199501100701.XAA15283@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1995-01-10 07:02:20 UTC
Raw Date: Mon, 9 Jan 95 23:02:20 PST

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Jan 95 23:02:20 PST
To: cypherpunks@toad.com
Subject: Re: for-pay remailers and FV
Message-ID: <199501100701.XAA15283@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Pierre Uszynski <pierre@shell.portal.com>
> Finally, I do not believe that introducing payment in the remailer
> system would curb abuse in any significant way. Significant abuse is
> that which causes significant problems for the operators: posting
> secret religious technology, forging prime minister mail, harrassing a
> member of any number of opposite persuasions, etc... Do you think for a
> minute that a 5 cents postage is going to stop these messages now? And
> how about when remailers do attain good reliability and untraceability,
> for 3 cents?

I had suggested an idea a while back where you would try to address the
abuse issue directly rather than charging per message.  I agree with
Pierre that any reasonable per-message charge will not help in many forms
of abuse, although it should address the worst spam attacks.

The idea is to have a sort of digital cash token, but it is free.  The
key is that each person just gets one of these, but they are reusable.
After a remailer sends a message, it waits and sees if it gets any
complaints.  If not, the token is re-blinded and made available to the
original user via some kind of pool.  He can then send another message.
But if he commits abuse, he doesn't get his token back.

Obviously there are problems with this, the worst probably being how we
can keep people from acquiring lots of tokens under different names.
Perhaps you could charge some small amount for them, but require VISA
payment, and check the names on the VISA cards.  (This doesn't hurt
anonymity when the tokens are actually used because of the blinding.)  To
get multiple tokens a person would have to commit some serious real world
name trickery, a considerably higher barrier than making up a pseudonym
on the net.

Another problem is that as stated above, you could only send one
anonymous message every day or two.  Perhaps we relax the rules and let
people have a few of these tokens; they can then abuse the system a few
times but each time they lose a token.

A similar idea might work for the data haven problem, although I don't
understand exactly what is intended there.  This approach is a variation on
the "is a person" credential, which attempts to make sure that each
person only gets one of something.  A lot of situations would benefit
from such a credential, although some people don't like them.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLxIw2RnMLJtOy9MBAQGWCgH6A1SFyzZDDhd/NVrMck5SAf3mS4IOl5On
aJNFKUopZi4Fb7tqQfbFukDl/lF+clnBDBNh/yXAsFcABJaWaTUzZA==
=pLOT
-----END PGP SIGNATURE-----





Thread