On Mon, Aug 14, 2006 at 12:23:03PM +1000, mikeiscool wrote: > But you're imaging an attack with a distributed bot net DDoS'ing you, > correct? Couldn't they then also use their botnet to process the > messages faster then normally? They already have the computering > power. Just a minor addon to the bot client app.
If you're using a hashcash token which takes 20 seconds of your CPU, it'll slow the spammer down if they owned node has broadband. (Think about 5k message size, multiple Bcc recipients etc; the spammer of an owned botnet node can send multple many per second if hashcash reduces the number of messages that can be sent by a factor of 100, thats a good thing.) Whether its enough of a slow down is an open question -- but I think its difficult to imagine a security protocol that prevent spam with the attacker owning some big proportion of nodes. Adam > Or if it is many requests from one or thousands of clients, can you > not, per host, ask them to use a cached version? Per X timeout. > > Of course, you can't do this with SSL, though. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]