Chris's Wiki :: blog/tech/HashingClientIssues Commentshttps://utcc.utoronto.ca/~cks/space/blog/tech/HashingClientIssues?atomcommentsDWiki2009-04-29T16:39:50ZRecent comments in Chris's Wiki :: blog/tech/HashingClientIssues.By rdump on /blog/tech/HashingClientIssuestag:CSpace:blog/tech/HashingClientIssues:c1a18e24e171d047fe46e2d33b8e0eb278074d73rdump<div class="wikitext"><p>I'll hazard a guess that SMTP as currently implemented (receiver stores) is superior to any kind of sender stores scheme.</p>
<p>With SMTP, we have a whole lot of infrastructure in place to help us differentiate between good and bad strangers. We have ways of refusing mail from places bad strangers are known to frequent. We have ways of detecting the kinds of messages many types of bad strangers send. It's quite effective.</p>
<p>Since a sender stores scheme will have to re-implement all of that infrastructure, and for no practical benefit [1], a sender stores scheme is a non-starter.</p>
<hr>
<p>[1] The bandwidth and storage saved is negligible when compared to all the other traffic sent through the intertubes and cached locally. The savings from reducing it pales in comparison to the costs of getting a sender stores system installed and working.</p>
</div>2009-04-29T16:39:50ZBy Chris Siebenmann on /blog/tech/HashingClientIssuestag:CSpace:blog/tech/HashingClientIssues:bb1cdcc862728c625041174c433989c4432e08e1Chris Siebenmann<div class="wikitext"><p>I think hash lists are better for this particular situation, because you
want to pack the full set of hashes into as little space as possible.
My impression is that hash trees are good for bottom up verification,
but for email messages we just want front to back verification.</p>
<p>I don't think there's a good general solution to email spam; <a href="https://utcc.utoronto.ca/~cks/space/blog/spam/FundamentalSpamProblem">the
fundamental problem of spam</a> is not
one that is amenable to technical solutions. There are solutions for
specific narrow areas of the problem, many of which people are
quietly switching to now (for example, the popularity of having
'private message' features somewhere in your web-based system).</p>
</div>2009-04-29T15:07:26ZFrom 130.217.250.13 on /blog/tech/HashingClientIssuestag:CSpace:blog/tech/HashingClientIssues:d44f809364126a948908d839fdfac25a56f4b069From 130.217.250.13<div class="wikitext"><p>What you're describing is a <a href="http://en.wikipedia.org/wiki/Hash_list">hash list</a>, perhaps a more interesting version is a <a href="http://en.wikipedia.org/wiki/Hash_tree">hash tree</a> where you can send/store far less hashes, and recalculate parts as needed.</p>
<p>While you've made a good case against sender stored messages, what do you see as a better solution? </p>
<p>-- Perry Lorier</p>
</div>2009-04-29T05:59:08Z