[hashcash] Re: Opportunistic signatures - a proposed design
- From: John Honan <jhonan@xxxxxxxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Mon, 30 Aug 2004 18:00:45 +0100
Atom 'Smasher' wrote:
To get large-scale acceptance, we'll need an approach that meets
enterprise needs. Most enterprises will not touch a solution that
requires large-scale desktop modification. The support burden is
just too high. Therefore, we'll need a solution that can be
implemented by a "drop-in box". Which is difficult because
enterprise e-mail looks just like a spammer for the same reason that
mailing lists do.
==============
i'm not sure i understand how this creates a problem... the bar is
raised, for both mass-mailer and spammer... a legitimate mass mailer
can create a mailing list and allow subscribers to accept stamps for
that list. a spammer will be slowed down to a crawl, or slower.
i also don't see how a public key system is any easier to implement,
in enterprise environments, than hashcash.
regarding desktop modification: like nearly all good idea, this will
be implemented first in open-source and geeky applications. after 1)
people realize that it helps fight spam and 2) someone creates a slick
(invisible) interface that's idiot resistant, then all of the
closed-source applications used in enterprise environments will have
to adopt it, or risk losing market share. the companies will inherit
the technology during their next regular software upgrade.
To meet user needs the solution has to be transparent (invisible, as you
mention), and zero-cost for the user to implement. Most home users
aren't going to be interested learning how these things work, they're
just interested in minimising spam with as little effort on their part
as possible. If a user clicks the send button to mail their friend, and
suddenly get prompted 'please enter stamp value', or 'please wait....
generating stamp', or 'do you want to add this recipient to your
whitelist?' - They're going to get a bit nervous; "why isn't my mail
being sent the way it used to?", "what's a stamp value?", "what's a
whitelist.....?" etc.
Enterprise requirements are slightly different. They want zero
implementation and support costs. They just want a solution that will
sit there behaving itself and zapping spam. They don't want to have to
pay for anything (if they can help it), and they certainly don't want to
have to drastically modify or upgrade existing systems or servers or
increase support costs to keep it running. Adding hashcash support to
Spamassassin was an excellent idea.
Whatever about adding hashcash to open-source apps, eventually Windows
will have to be addressed. I haven't checked the market shares, but I
would assume that Outlook is the most popular MUA out there at the
moment. Now, if people could just go to a website, and click the
'download hashcash for outlook plug-in here'.....
Also, I'm not sure about closed-source applications just 'having' to
adopt it. That's the reason they are closed-source. They would prefer to
implement their own solution if they possibly can, rather than
integrating an open source product into theirs. Losing market share
won't be their primary concern, legal issues and licensing will be (look
at the recent mails regarding SenderID....) I think a 'plug-in'
solution for MUAs and server apps is best way - otherwise you'll be
waiting a long time for them to just 'adopt' it.
Other related posts: