- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sun, 28 Jun 2015 02:14:07 -0400
- To: Web Payments <public-webpayments@w3.org>
Keeping the Web Payments CG in the loop... We're in the process of building out some of the Decentralized Hash Table functionality for the identifiers that we expect will be needed for credential portability (which are necessary for Web Payments Know Your Customer and Anti-Money Laundering requirements). Part of this work requires that the decentralized identifiers should be protected from distributed denial of service attacks. We have created a new type of proof, called a "Proof of Patience", that helps mitigate against these sorts of attacks in a way that is more effective than proof of work. The technology has been written up in IETF RFC form and published here: https://tools.ietf.org/html/draft-sporny-http-proofs-01 Abstract For a client to access a particular resource on the Web, a server must expend a certain amount of computational effort to respond to the request. In some cases this computational effort is sizeable and the server may want to only respond to certain clients. For example, in a distributed denial-of-service attack, a server may require all clients to expend a certain amount of resources via a client-run proof-of-work algorithm to throttle the number of incoming requests to a more manageable number. This document details a new authentication scheme for HTTP that may be used to request and transmit proofs in HTTP headers. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: Web Payments: The Architect, the Sage, and the Moral Voice https://manu.sporny.org/2015/payments-collaboration/
Received on Sunday, 28 June 2015 06:14:31 UTC