Re: HTTP HashCash from Robert Rothenberg on 2025-05-22 (ietf-http-wg@w3.org from April to June 2025)

From: Robert Rothenberg <robrwo@gmail.com>
Date: Thu, 22 May 2025 14:23:34 +0100
To: "John, Gavin N. (Gavin)" <gjohn@caltech.edu>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <c27e4c9c-9db5-4ce2-8f5f-b5602f74c1d7@gmail.com>

On 22/05/2025 14:22, Robert Rothenberg wrote:
> Anubis works only because the bad robots don't use JavaScript.
>
> Putting something in HTTP will make it easier for those bots to access 
> pages.
>
> Adding a "computational tax" won't eliminate problem, and it will just 
> contribute to more wasted electricity and water to feed the AI bots.
>
> The problem is in detecting bad bot traffic that is often trying to 
> hide itself, while also respecting the privacy of human users.
>
>
>
>
> On 10/05/2025 03:43, John, Gavin N. (Gavin) wrote:
>>
>> Hi!
>>
>> I've noticed the rise in popularity of Anubis 
>> <https://github.com/TecharoHQ/anubis>. It's an effective tool for the 
>> job (requiring additional work to access expensive endpoints), but I 
>> don't want to use it on my public-facing stuff because it makes it 
>> unreadable to most tools due to the use of JavaScript (I recognize 
>> that many people see this as an advantage of Anubis, however for me 
>> this is a negative I'd like to avoid). I was wondering about maybe 
>> standardizing HashCash for HTTP to make this sort of computational 
>> tax more universally supported. Thoughts?
>>
>> Gavin John
>>
>> Caltech, Class of 2028
>>
>

Received on Thursday, 22 May 2025 13:24:25 UTC