I said:

If someone tried to generate a million different identities and public keys, that could be dealt with by imposing a time delay for registration

Whoops. Of course that wouldn't work. If a delay was imposed after any registration before processing any next one, then there's an obvious denial of service attack by simply sending in lots of registrations. And if there isn't, someone can simply register a zillion different e-mail addresses and public keys and send each copy of a mail bomb from a different one. Someone who wants to build up a reputation can already do it anonymously (like Pr0duct Cypher), while someone who wants to make trouble doesn't need to build up a reputation. Oh well. -- sidney <sidney@apple.com>