> On Aug 14, 2015, at 7:08 PM, Valery Smyslov <sva...@gmail.com> wrote: > >>>> With no hat on, I hate captchas. I sometimes don't see it well enough >>>> depending on the images selected and have not used applications as a >>>> result. It is a clever way to tackle the problem, so it would be up >>>> to the deployer to make sure their captcha images didn't prevent >>>> expected and authorized users from connecting. >>> >>> To be frank I hate them also as a user in real life. >>> But any kind of puzzle solution (be it captca or >>> cryptographic puzzle) would annoy users (additional delays, battery power >>> consumption etc.). >> captcha's also assume there is a user to talk to, which might not always >> (or even mostly) be the case. > > Yes, I wrote in my original e-mail that this is not appropriate > for "unattended" devices. For those cryptographic puzzles are left. > This is appropriate mostly for smartphones.
And IoT devices are left out in the cole by both approaches. They can’t do millions of SHA-2 fast enough, and they don’t have a user or a user interface capable of displaying the captcha. I’m trying to imagine this as a conversation between the user and their phone: User: Connect Phone: VPN gateway is overloaded. Wait 48 seconds while I solve the puzzle or type in the numbers from this picture User: I guess I didn’t really want to read my work email this badly Yoav _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec