From: "Mark M." <markm@voicenet.com>
On Tue, 31 Dec 1996, Igor Chudov @ home wrote:
Send a number of unique tokens to each subscriber each day. [...] If tokens are used improperly (to post off-topic materials) the offending subscriber is denied any further tokens.
The problem of this scheme is (besides its cost) that anonymous users will not be truly anonymous.
I think this problem can be solved by blind signing the tokens. A user generates a random number, multiplies it by the blinding factor, then sending it to a token server which would append a timestamp and sign the blinded token. All signature requests should be signed with a PGP key. The server response would be encrypted with the user's public key. A person's PGP key would be sent along with the subscription request and then saved by the list software.
This is an interesting idea, however it will be possible for someone with a respectable public persona to continue getting tokens indefinately for posting abusive anonymous messages. There is no way to link the anonymous tokens with the ones which were issued to good subscribers. An alternative is to give each subscriber only a small, fixed number of blinded tokens which he will use for the lifetime of his subscription to the list. When someone posts anonymously, they use up one of their tokens. Then, if the message was not abusive, a new blinded token is created, encrypted with the public key of the good-guy anonymous poster, and broadcast to subscribers. This way good anonymous posters will get to keep posting, while abusive ones will shortly run out of anonymous posting tokens. The big problem with schemes like this is the difficulty of defining "good" posts in an acceptable way. Some list members are hard-line freedom-of-speechers and don't want to see any limitations on list postings. Others would probably classify 80% of the messages on the list at times as grounds for termination of posting privileges. Everyone will have their own thresholds. There is also the administrative problem of who will judge the posts. This could take a large commitment of time. I'm sure many of us have gotten behind in our list reading from time to time and it can be intimidating to return from a trip to find hundreds of messages waiting. Imagine how it would be if you were supposed to be reading them and looking for bad messages. We might also want to consider the paradoxical possibility that if we remove the junk, the list will die! At least now we are constantly reminded that the cypherpunks list exists. Other lists like the cryptography and coderpunks can sometimes go for quite a while without any posts at all. On CP you have the sense of a dynamic community where you can hope for a response to your posts, more so than on a list which is silent for days at a time. Hal