[messaging] Message delivery and revocation in Pond etc
michael at briarproject.org
Thu Apr 3 16:17:51 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
On 04/04/14 00:06, Trevor Perrin wrote:
> No, senders contact mailboxes directly (in Pond). There's no limit
> to how much they can send. It's recipients who maintain a
> roughly-constant-rate connection to their own mailbox, which is
> the weak link for DoS.
But you could enforce a limit (by issuing a limited number of
tokens/single-use keys) without affecting non-abusive senders, since
the recipient's collection limit already limits their throughput.
> The cost of one-time signing keys (compared to one-time tokens)
> seems pretty insignificant to me:
> The sender stores (32-byte?) signing keys vs (16 byte?) tokens,
> and calculates a signature when sending a message (which are < 16KB
> in Pond).
> The receiver calculates a verification upon receiving a message.
> The server and receiver could store 16-byte fingerprints of the
> one-time public keys, so there's not a storage difference there.
> So it seems worthwhile just to do signing keys, and get immediate,
> reliable attribution in case of a junk message.
Yup, I agree, forget about my proposal. :-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Messaging