- From: Demi Marie Obenour <demiobenour@gmail.com>
- Date: Thu, 22 May 2025 13:10:33 -0400
- To: ietf-http-wg@w3.org
Received on Thursday, 22 May 2025 17:10:53 UTC
On 5/22/25 08:59, Ben Schwartz wrote:
> In general, the IETF has been skeptical of "proof of work" designs that deliberately waste CPU time. As an alternative, you may want to review Privacy Pass (RFC 9576-9578), which allows an HTTP Origin to require clients to expend a different kind of resource ("tokens") that may be limited, without learning the clients' identities.
Does that just move the problem to the token issuer?
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Received on Thursday, 22 May 2025 17:10:53 UTC