[messaging] Message delivery and revocation in Pond etc
Michael Rogers
michael at briarproject.org
Thu Apr 3 16:17:51 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 04/04/14 00:06, Trevor Perrin wrote:
> No, senders contact mailboxes directly (in Pond). There's no limit
> to how much they can send. It's recipients who maintain a
> roughly-constant-rate connection to their own mailbox, which is
> the weak link for DoS.
But you could enforce a limit (by issuing a limited number of
tokens/single-use keys) without affecting non-abusive senders, since
the recipient's collection limit already limits their throughput.
> The cost of one-time signing keys (compared to one-time tokens)
> seems pretty insignificant to me:
>
> The sender stores (32-byte?) signing keys vs (16 byte?) tokens,
> and calculates a signature when sending a message (which are < 16KB
> in Pond).
>
> The receiver calculates a verification upon receiving a message.
>
> The server and receiver could store 16-byte fingerprints of the
> one-time public keys, so there's not a storage difference there.
>
> So it seems worthwhile just to do signing keys, and get immediate,
> reliable attribution in case of a junk message.
Yup, I agree, forget about my proposal. :-)
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBCAAGBQJTPewfAAoJEBEET9GfxSfM/McH/RjZUzaVdP2yoTjCVqbxY4n7
U4HOWZm9nkU/NoLrWYChqOXr6ezBq9QsC0kZyQXPHnUz8umKI7CCsmUfT2Xhdg+n
pIquqg5cxE1ybsdc2B5lPMp5/ofY61yKUTkRicNjuZu7lXdhpY6hQEchS+RAO3rU
BEybe6oiulZNamelJwxEtadR9kGRouFEbPwk88dCuqXW6HtPe/WUfjYWisziH4au
+Nd7v484MmpIHMp+QhbqbsiHiNhbB94BLDM2/udTWkwWGDOHfQqsWSj94rDAE6oF
yySEAqsFW0ObXSju/oDNReyJKPS8yg88ZGZ46TaxuEq14iMN7vPiWSEFzE4aBW0=
=sM2A
-----END PGP SIGNATURE-----
More information about the Messaging
mailing list