Oh! And what abotu the VIA chips with PadLock? :) http://www.via.com.tw/en/Digital%20Library/PR040518EPF.jsp I got one of these yesterday. Spammers may want to buy these babies ONLY as hashcash off-loaders...but then they'd have to pay money for it. JLC On Fri, Aug 13, 2004 at 09:51:24AM -0400, Adam Back wrote: > Jonathan's fast minter does ~4 Megahashes/sec or about 22 bits/sec on > a 3Ghz P4. But I concur: I think 20 bits is about right now also. > > The question of how to upgrade this over time is an unanswered question. > > CAMRAM does a challenge-response thing and so can negotiate upwards. > > Bare-hashcash can not do this. > > This is partly what the extension mechanism is for -- to allow us to > plug in a bit upgrading extension later. > > I had one candidate which is some group agrees a policy (eg 1 second > on best price point desktop revised once every 6 months) and publishes > via a symmetric key "signature" like construct. (Which is eg > authenticated using a hash-chain.) Or using signatures. > > But I wanted to progress the basic client to v1 format and get that > into SA3 before we explore this to work incrementally. > > So the hashcash recommended from the hashcash man page is currently 20 > bits. (Run it without the -b <bits> option and you get a 20 bit stamp). > > I came across one security-related mailing-list that is attaching > hashcash to their security bulletin mails to subscribers. > http://www.computercops.biz There was a thread in news.admin.net-abuse > > http://groups.google.ch/groups?hl=en&lr=&ie=UTF-8&threadm=41184f25%243%24fuzhry%2Btra%24mr2ice%40news.patriot.net&rnum=10&prev=/groups%3Fq%3Dhashcash%26hl%3Den%26lr%3D%26ie%3DUTF-8%26scoring%3Dd%26selm%3D41184f25%25243%2524fuzhry%252Btra%2524mr2ice%2540news.patriot.net%26rnum%3D10 > > where computercops.biz were trying to get their IP off spews. (Their > IP blocked because of arguably spammer-friendly/neutral ISP they are > using). > > I am not quite sure how to read the whole thing, but they do appear to > send hashcash as I tried to subscribe to see and the subscription conf > msg had a valid 24-bit (version 0) hashcash stamp on it. (Of course > we don't know if that was meant to be a 20-bit but they got lucky -- > an example of the info loss in not having the intended bits field). > > > But generally what it says in the FAQ about mailing lists is the > sender should put the stamp, and the recipient should accept the list > address as an address they accept mail as. (Long term solution being > list server verifying the stamp, and replacing with a signature). > > Adam > > On Fri, Aug 13, 2004 at 09:23:59AM -0400, Jean-Luc Cooke wrote: > > This policy I'd personally like to see it as "hashcash recomands X bits, but > > it is up to the mail-server/procmail user to decide how to filter mail". > > > > Reasons: > > 1) Mailing lists like linux-kernel may find ti too expensive to compute > > hashcash values for 3,000 emails 400 times a day. > > 2) lots of others