Jonathan's fast minter does ~4 Megahashes/sec or about 22 bits/sec on a 3Ghz P4. But I concur: I think 20 bits is about right now also. The question of how to upgrade this over time is an unanswered question. CAMRAM does a challenge-response thing and so can negotiate upwards. Bare-hashcash can not do this. This is partly what the extension mechanism is for -- to allow us to plug in a bit upgrading extension later. I had one candidate which is some group agrees a policy (eg 1 second on best price point desktop revised once every 6 months) and publishes via a symmetric key "signature" like construct. (Which is eg authenticated using a hash-chain.) Or using signatures. But I wanted to progress the basic client to v1 format and get that into SA3 before we explore this to work incrementally. So the hashcash recommended from the hashcash man page is currently 20 bits. (Run it without the -b <bits> option and you get a 20 bit stamp). I came across one security-related mailing-list that is attaching hashcash to their security bulletin mails to subscribers. http://www.computercops.biz There was a thread in news.admin.net-abuse http://groups.google.ch/groups?hl=en&lr=&ie=UTF-8&threadm=41184f25%243%24fuzhry%2Btra%24mr2ice%40news.patriot.net&rnum=10&prev=/groups%3Fq%3Dhashcash%26hl%3Den%26lr%3D%26ie%3DUTF-8%26scoring%3Dd%26selm%3D41184f25%25243%2524fuzhry%252Btra%2524mr2ice%2540news.patriot.net%26rnum%3D10 where computercops.biz were trying to get their IP off spews. (Their IP blocked because of arguably spammer-friendly/neutral ISP they are using). I am not quite sure how to read the whole thing, but they do appear to send hashcash as I tried to subscribe to see and the subscription conf msg had a valid 24-bit (version 0) hashcash stamp on it. (Of course we don't know if that was meant to be a 20-bit but they got lucky -- an example of the info loss in not having the intended bits field). But generally what it says in the FAQ about mailing lists is the sender should put the stamp, and the recipient should accept the list address as an address they accept mail as. (Long term solution being list server verifying the stamp, and replacing with a signature). Adam On Fri, Aug 13, 2004 at 09:23:59AM -0400, Jean-Luc Cooke wrote: > This policy I'd personally like to see it as "hashcash recomands X bits, but > it is up to the mail-server/procmail user to decide how to filter mail". > > Reasons: > 1) Mailing lists like linux-kernel may find ti too expensive to compute > hashcash values for 3,000 emails 400 times a day. > 2) lots of others