W3C home > Mailing lists > Public > www-talk@w3.org > March to April 2001

Re: hash cash and email

From: Cem Karan <Cem.Karan@usa.alcatel.com>
Date: Mon, 30 Apr 2001 12:54:48 -0400
Message-ID: <3AED98D8.9AC7A36@usa.alcatel.com>
To: Aaron Swartz <aswartz@swartzfam.com>
CC: Al Gilman <asgilman@iamdigex.net>, www-talk@w3.org
> And what is your solution for dealing with mailing lists, such as these?
> Should the W3C buy a bunch of supercomputers to generate all this hashcash?

The goal of hash cash is to force someone to break the hash if they
don't have the key.  Since you can generate as many hashes of any length
that you want, you would typically generate a very long hash for each
trusted source, and then give that source the key.  At that point, they
can break the hash without any problems, but others would take years to
break that particular hash.  And if someone else DOES get hold of the
key to a particular hash, all you have to do is invalidate it.  The
listserv will not be able to reach you with that hash, but by creating a
new one and handing the key to the listserv, you've solved the problem. 
Note that this doesn't prevent the list from selling your address and
key; it just means that your address is of extremely limited value to a
spammer as you can change keys immediately.
Received on Monday, 30 April 2001 12:55:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:25 GMT