Jonathan Morton wrote:
This assumption makes sense up to about 26 bits, based on current performance estimates. Up to 30 bits may also be acceptable, if the user is willing to wait overnight. But waiting overnight is something even low-end users would only want to do occasionally.
- Hybrid systems, and where hashcash fits in (e.g. the MS SenderID proposals, which appear to be gathering pace)
Proof of work can be used as either a substitute or a foundation for signatures. Obviously, it's cheaper for a sender to add a signature than a PoW token, but if a signature relationship hasn't yet been set up, the PoW token is the way to go. Hashcash is a good candidate for PoW.
Content filters are the last line of defence. They should only come into play if a message passes the domain certificate stage but gets an inconclusive result from the signature and PoW filters (perhaps because neither are present). This is the last chance for a message to "go legit" before it is dropped. CAMRAM implements this technique.
heh. camram implements lots of techniques...
The point of the content filter is to allow the status quo to be gradually phased out, rather than instantaneously becoming obsolete. It also allows senders to be partially ignorant of the quantitative requirements of the sender (ie. PoW value), without necessarily requiring a message feedback mechanism to avoid excessive false positives.
- Stamps versus pipe size (again, eric mentioned he had a spreadsheet with
some volume calcs. I'd really like to see that)
http://harvee.org/~esj/hcstampcalc.sxc should work
I'll leave Eric to provide this. But, as a ballpark, consider that a T1 (1.5Mbit/sec) can be had for perhaps $400/month, and a typical e-mail might be less than 10KB. A typical zombie can be considered to have 250Kbit/sec upstream bandwidth.
A brief, and perhaps oversimplified, description of RPOW is that it allows hashcash tokens (which can only be used once) to be exchanged for...
Evidently, RPOW does not scale to general use of global proportions, but it may still be useful to help low-end machines "save up" CPU effort for future messages.
---eric
-- Speech recognition in use. It makes mistakes, I correct most