Mitch Denny wrote:
Hi Jonathan,
I just read this post by James Moore: //www.freelists.org/archives/hashcash/03-2004/msg00003.html
It seems he had an implementation in JavaScript that was quite slow. So maybe for web-form comments (as opposed to track-backs) the best mechanism would be what Atom Smasher suggestion in the form of a dynamically generated image which is hard for a machine to parse. Does anyone know of how easily those are compromised? I'd prefer not to have to have people download a Java applet to make this work, and most browsers definitely won't let an externally loaded page query a HTTP server on localhost - that would be a security violation.
OK, so the way it is panning out is this:
1. Web-form posted comments are filtered using a image verification system. 2. Track-back comments are posted using hashcash. The server can choose to produce the stamps for the posting client (especially if it is via the web-based admin interface), or the client can provide a set of stamps that match the referenced URLs.
Some more suggestions;
John.