Bill Frantz wrote:
(3) In order to limit the number of posting tokens, the list server will only issue a few per day. The lucky few who get them, everyone who asks under normal circumstances, may be determined by an algorithm designed to limit token collection by future attackers. (This area is where this proposal needs work!)
Send a number of unique tokens to each subscriber each day. Enforce a rule that only posts with valid current tokens may be accepted. The number of tokens should initially be very small (say, one per day) and then should be quickly increased to a sufficient number, like 10 or 20, as the subscriber shows a record of using tokens properly (as defined by acceptable content rules). A database is kept as to who was issued which tokens. If tokens are used improperly (to post off-topic materials) the offending subscriber is denied any further tokens. The problem of this scheme is (besides its cost) that anonymous users will not be truly anonymous. - Igor.