[cap-talk] can one use capabilities to stop spam without identity?

Matej Kosik kosik at fiit.stuba.sk
Sun Jan 21 06:52:48 CST 2007


Friends,

John Carlson wrote:
> On Jan 20, 2007, at 1:39 PM, Mark S. Miller wrote:
> 
>> Patroklos Argyroudis wrote:
>>> On Sat, Jan 20, 2007 at 09:42:26PM +0100, Matej Kosik wrote:
>>>> is (I believe) the only reasonable solution that might work. It is
>>>> possible to enforce such a security policy where you charge senders
>>>> a certain amount of money for sending you a mail. You then
>>>> review/read your mails, and money connected with non-spam mail is
>>>> returned back to the senders. This of course does not prevent
>>>> unsolicited mail (because you do not want to prevent it) but you are
>>>> compensated with an appropriate amount of money. How much you will
>>>> charge for a mail (you might even discriminate among people you
>>>> already know) is up to you.
> 
> 
> How about this?  If Carol wants to communicate with Bob, Carol finds
> Bob's identity on a server somewhere, and sends Bob a "write to Carol"
> capability. The server provides Bob a page of new "write to"
> capabilities, and a way to selectively pick "write to" capabilities
> (search etc). Also there would be a "hide all" "write to" capabilities
> that Bob could invoke to clean up the mess. There would be a periodic
> program that would clear up hidden "write to" capabilities that Bob
> hasn't accepted. Carol can revoke the "write to Carol" capability
> that she sent to Bob at any time.
> 
> Bob uses the "write to Carol" capability to send Carol a "write to
> Bob" capability. Communication is established. Bob can revoke the
> "write to Bob" capability that he sent to Carol at any time.
> 
> I'm not sure of the usefulness of "read from" capabilities, but they
> might be used here. Generally I think this would be a server
> capability to read from a message box.
> 
> What do you think?  It requires identity.  For human to human
> communication, this might be OK????

Such a scenario is possible but I do not see how it could shield Bob
from spammers. Spammers can create a script that creates a zillion
identities and sends Bob a zillion different requests for capabilities
to write to him. This would not help Bob because
- if he grants them, he will receive a zillion messages and then he must
go through them, sort useful from useless, and one by one revoke those
issued capabilities.
- if he does not grant them, then he lives in his own closed world. This
is very simple but makes the system unusable.

I see no better solution than the one described in Marc Stiegler's
book. You do not have to care in advance who is writing to you. This way
you can treat all people in the same manner. You are protected from spam
and if you are polite, others (if they send you non-spam) will not lose
their money.

Concerning the need of identities:

Identities are here to discriminate among people without physically
meeting them. That is useful for
- revealing how trustworthy the other guy is with whom you want to
do some business (sell him something, buy something from him)
- revealing how trustworthy the journalist is whose articles you
want to read
- revealing how trustworthy the politician is who wants to be elected
by you (voting for anonymous faces in communal politics is a
terrible option)

The book sketches a scheme similar to a web of trust in which anyone can
build their own identity/ies.
-- 
Matej Kosik
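
Added example, not part of the original message or of any cap-talk project code: a minimal model of the sender-pays scheme discussed in this thread, showing that a flood of throwaway identities gains nothing because the cost is per message, not per identity. The names PostageMailbox and simulate_flood, the price values, and the is_spam predicate (standing in for the recipient's manual review) are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Message:
    sender: str
    body: str
    deposit: int  # escrowed postage, arbitrary units

@dataclass
class PostageMailbox:
    default_price: int
    known_price: dict = field(default_factory=dict)  # per-sender price override
    pending: list = field(default_factory=list)
    kept: int = 0                                    # postage retained from spam
    refunds: dict = field(default_factory=dict)      # sender -> amount returned

    def price_for(self, sender):
        # The recipient may discriminate among people already known.
        return self.known_price.get(sender, self.default_price)

    def deliver(self, sender, body, deposit):
        """Accept mail only if the escrowed deposit covers the price."""
        if deposit < self.price_for(sender):
            return False
        self.pending.append(Message(sender, body, deposit))
        return True

    def review(self, is_spam):
        """Recipient reads each message; deposits on non-spam go back."""
        for msg in self.pending:
            if is_spam(msg):
                self.kept += msg.deposit
            else:
                self.refunds[msg.sender] = (
                    self.refunds.get(msg.sender, 0) + msg.deposit)
        self.pending.clear()

def simulate_flood(n_identities, price=5):
    """Constructed scenario: a known sender, an honest stranger, n sybils."""
    box = PostageMailbox(default_price=price, known_price={"carol": 0})
    box.deliver("carol", "lunch?", 0)             # known sender, price 0
    box.deliver("dave", "paper question", price)  # stranger pays the deposit
    rejected = 0
    for i in range(n_identities):
        sender = f"sybil-{i}"                     # fresh identity per message
        if not box.deliver(sender, "buy now", 0): # no deposit: never queued
            rejected += 1
        box.deliver(sender, "buy now", price)     # deposit paid: queued
    box.review(lambda m: m.body == "buy now")     # stand-in for human review
    return box, rejected
```
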
