cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1997-12-14 - Re: hashcash spam prevention & firewalls

Header Data

From: “Uhh…this is Joe [Randall Farmer]” <rfarmer@HiWAAY.net>
To: “Robert A. Costner” <pooh@efga.org>
Message Hash: b97f82e945331514440892366cc2a2ab6c9a7dcab8a623b73e16f8c654b45732
Message ID: <Pine.OSF.3.96.971213175604.21501A-100000@fly.HiWAAY.net>
Reply To: <3.0.3.32.19971213161023.03889c90@mail.atl.bellsouth.net>
UTC Datetime: 1997-12-14 00:56:46 UTC
Raw Date: Sun, 14 Dec 1997 08:56:46 +0800

Raw message

From: "Uhh...this is Joe [Randall Farmer]" <rfarmer@HiWAAY.net>
Date: Sun, 14 Dec 1997 08:56:46 +0800
To: "Robert A. Costner" <pooh@efga.org>
Subject: Re: hashcash spam prevention & firewalls
In-Reply-To: <3.0.3.32.19971213161023.03889c90@mail.atl.bellsouth.net>
Message-ID: <Pine.OSF.3.96.971213175604.21501A-100000@fly.HiWAAY.net>
MIME-Version: 1.0
Content-Type: text/plain



> >> So, we would need about 44 hours of CPU time each day.
> >
> >Well, have a system of certified remailers trusted to force their users to
> burn
> >up time at the sending end, so the ultimate recipient accepts their messages
> >w/o postage. One certified remailer accepts messages from others without any
> >postage, so only the original sender has to use up CPU time. 
...
> Since we need hashcash now to LEAVE a remailer, not to enter one, where does
> this hashcash come from?  A busy remailer could not generate it's own
> hashcash for the destination non-remailer ISPs. 

This is exactly what I was addressing: remailers only have to get themselves
certified as remailers and then prove their certification to the destination
server, not do the whole hashcash shtick for every message. (For example, they
could publish their public key's hash signed by some anti-spam organization,
then sign the hash of the server's challenge to prove that they are a real
remailer, not an advanced spammer imitating one) 

> 
> Does the same hashcash that allows a message to enter the remailer network
> also retain it's validity once the message has been rewritten by the
> remailer?  Is this hashcash still valid for the destination mail server at
> netcom?  Does the initial sender provide two instances of hashcash, one to
> get into the remailer, and one to get into the destination mail system? 

Nope. The original sender provides hashcash to get into the remailer net, and
the receiver, after seeing the remailer's certificate, trusts that the original
sender spent some CPU time to send the message. The remailer doesn't have to
while away nearly as much of *its* CPU time, and spammers still couldn't send
many messages since they still have to waste their CPU cycles to do so. 

...
> 
>   -- Robert Costner                  Phone: (770) 512-8746
>      Electronic Frontiers Georgia    mailto:pooh@efga.org  
>      http://www.efga.org/            run PGP 5.0 for my public key

---------------------------------------------------------------------------
Randall Farmer
    rfarmer@hiwaay.net
    http://hiwaay.net/~rfarmer

Thread