[notsapiensatall]

So what happens when your ID gets hacked and reused for fraudulent activity?

Would you have to submit a dispute with the internet credit agencies? Maybe join a class action suit against the entity that leaked your ID so that they're forced to give you a year of free internet identity monitoring?

[smsm42]

The same that happens now when somebody stills your identity and ruins your credit history. You'll have to live in a bureaucratic hell for the next couple of years. And yes, as a compensation, you'll get the $6.99 worth of services from the guilty party. If you win the class action suit, that is.

[notsapiensatall]

Exactly. Why on earth would we want to replicate such a terrible system online?

We should be reforming our current credit agency system, not empowering it with a new mandate of judging somebody's social or political creditworthiness.

[jamie_ca]

Then you need to deal with levels of rate-limiting that are fine for individuals but make it not feasible for spammers.

Keeping with the cloudflare topic, if Cloudflare only permits you 10 requests per second (HTML + JS/images) that's still usable for web browsing, but someone running a cloud of hundreds of bots would be effectively shut down. Similarly with email, an individual probably doesn't need to send more than one email per 10 seconds but email spammers wouldn't find any ROI at that rate - business needs being different might necessitate a different registry or something in that case.

[mcguire]

Nobody said it wouldn't suck. The only question is whether it sucks less than the alternatives.

[les_diabolique]

If you have a better solution, I'm sure it would be very lucrative.

[tboyd47]

Looks like Cloudflare beat us to it.