On 6 Mar 2025, at 13:04, Simon Josefsson via Sigsum-general <sigsum-general@lists.sigsum.org> wrote:
Elias Rudberg via Sigsum-general <sigsum-general@lists.sigsum.org> writes:
Regarding other rate-limit approaches than DNS, I think what Rasmus is hinting at is that other rate-limit approaches could be added alongside the existing DNS approach.
There could be several rate-limit mechanisms with separate quotas for each of them, DNS would then remain as one possibility but for those who cannot or do not want to use the DNS way there could be other options. Such other options could be added in the future to make the system more widely useful, and the addition of new options would not mean any problems for users employing the existing options (i.e. DNS), it would only mean making new ways possible in addition to what existed before.
Someone who wants to submit to a sigsum log would get to decide which rate-limit approach they want to use, so having control of some DNS zone would not be required as long as one of the other approaches is acceptable for the submitter to use.
Does this make sense?
+1
So how about a rate-limiting mechanism where the Sigsum log (when it decides it wants to perform rate-limiting) returns a URL to the client which the human operating the client has to visit in a browser and perform some kind of CAPTCHA, OpenID login, OAuth exchange against GitLab/GitHub/Mastodon/whatever, Bitcoin transfer, credit card payment, Sudoku puzzle solver, watch commercials for 1 minute etc, that upon acceptable user interaction ultimately leads to the Sigsum log accepting the request?
I really wish that I could suggest something better than this.
I think this idea is more reasonable to a new user without a DNS zone than any other alternative that I can come up with.
Implemented right, it doesn't seem that risky for the Sigsum log to support -- it would have to generate a random URL and wait for some kind of event from a separate server approving the request.
As a user, I would be frustrated with a mechanism like this, but I suppose that is an appropriate feeling for a rate-limiting mechanism.
I just remembered the first time I generated SSL/TLS keys for my servers. You had to move the mouse around the screen for a few minutes (yes minutes) to generate entropy. And then wait for the keys to be created.
/O ;-)
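
The mechanism sketched in the thread above (the log generates a random URL, then waits for an approval event from a separate server), as an added example that is not code from the thread or from the Sigsum project. The `ChallengeGate` class, the HMAC-authenticated approval event, the shared key and the `log.example` URL are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time


class ChallengeGate:
    """Holds submissions until a separate approval server confirms the challenge."""

    def __init__(self, base_url, approver_key, ttl=600, clock=time.time):
        self.base_url = base_url.rstrip("/")
        self.approver_key = approver_key  # secret shared with the approval server (assumption)
        self.ttl = ttl
        self.clock = clock
        self.pending = {}  # sha256(token) -> (request_id, expiry time)

    @staticmethod
    def _digest(token):
        # Store only a hash so a dump of the pending table does not reveal live URLs.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, request_id):
        """Park a rate-limited request and return the URL the human must visit."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self.pending[self._digest(token)] = (request_id, self.clock() + self.ttl)
        return f"{self.base_url}/{token}"

    def sign_approval(self, token):
        """What the approval server computes after the user passes its check."""
        return hmac.new(self.approver_key, token.encode(), hashlib.sha256).hexdigest()

    def approve(self, token, mac):
        """Handle an approval event; return the released request_id or None."""
        # Authenticate the event first, so a forged event cannot burn a pending token.
        if not hmac.compare_digest(self.sign_approval(token).encode(), mac.encode()):
            return None
        entry = self.pending.pop(self._digest(token), None)  # single use
        if entry is None:
            return None
        request_id, expiry = entry
        return request_id if self.clock() <= expiry else None


if __name__ == "__main__":
    gate = ChallengeGate("https://log.example/challenge", b"constructed-demo-key")
    url = gate.issue("leaf-1")  # "leaf-1" is a constructed request id
    token = url.rsplit("/", 1)[1]
    print(url, gate.approve(token, gate.sign_approval(token)))
```

The token is single-use and expires, so a leaked or replayed URL cannot release a second request, and an unauthenticated approval event leaves the pending entry untouched.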