[Asrg] attention bonds, was Email Postage

[mathew]

On Sun, Nov 23, 2008 at 11:40, Rich Kulawiec <rsk at gsp.org> wrote:

> > 1. There's no way to set up a micropayment system that can't be hacked
> > around.
> >
> > Evidence? That's a pretty strong assertion, given that we have systems
> like
> > SSL in place.
>
> A few hundred million fully-compromised systems.


So, how come SSL hasn't been hacked around?


>  Any proposal like this
> must also be accompanied by a viable plan to un-compromise those systems
> and keep them that way.  Otherwise it's dead on arrival.


In that case, all proposals are dead on arrival and we may as well shut down
this list.

So a second necessary demonstration is that any proposed system must
> not rely on end users to make spam/not-spam determinations, because
> they've shown that they're pretty bad at it.


Since the definition of spam, for me, is what I say it is, you've just
eliminated the possibility of any system that might categorize spam.

> 1.c. Bad guys will forge mail purporting to be from your friends.
> >
> > And? It doesn't matter if they forge the identity, if they still have to
> > pay.
>
> Not if they forge it from your friends' systems, which of course they
> have long since demonstrated that they can do at will.


The last time I received spam sent by a friend's system was... never. I'm
sure it happens, but the fact that it does isn't a consideration as far as
*I* am concerned.

And again, you're raising a hurdle it's impossible to pass. If you assume
that a system can only be acceptable if it cannot be bypassed by
compromising systems, then no system is going to be acceptable.


> > 2. The infrastructure is too expensive for micropayments to work.
>
> It is, by multiple orders of magnitude.


So how come we have SMS?


mathew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.irtf.org/pipermail/asrg/attachments/20081125/25b8458f/attachment.htm>