[messaging] Zero knowledge proofs of passport

Mike Hearn mike at plan99.net
Sun Jul 27 12:56:21 PDT 2014

> But. Suppose that Android app is malicious. For the static case, it can, I
> assume, impersonate you forever. How does the private secret in
> passports thing work?

It doesn't really. You could selectively reveal the expiry date too, but 10
years is an awfully long time.

Key revocation and rotation is hard.

> Introductions are easy, while still avoiding spam: Just require a
> really expensive non-parallelizable proof-of-work/puzzle (e.g., 4
> core-hours). (The Bill Gates proposal.)

So, FYI I used to work on spam and abuse at Google, on Gmail specifically.
So I've spent a lot of time thinking about and working on spam.

PoW based anti-spam proposals have many problems. Trevor pointed out an
obvious one (CPU time is cheap and stolen CPU time even cheaper) but
there's a bigger problem: it mixes up bulk mailing and spam. This is a very
common mistake. Sending messages to lots of people at high speed is not
inherently a problem. Sending *unwanted* mail is the problem.

Pond is sufficiently different to email that it simply doesn't have mailing
lists. And perhaps a two tier system of regular email and super-duper
secure email is OK, in which case Pond's model would suffice - you can
always arrange an intro over regular email. But if you're feeling more
ambitious and want a complete replacement for traditional email you need to
start seeing spam as a distributed reputation problem rather than a "slow
down bulk mail" problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140727/ed575fba/attachment.html>

More information about the Messaging mailing list