Set up a Mozilla Persona testing server
An increasingly common problem with Tor usage is that websites often end up banning account creation or comment posting via Tor due to spam and abuse, either temporarily or permanently. In some cases, websites will simply ban all Tor access entirely, preventing Tor users from even reading their content.
To provide websites with a generic, deployable solution to address this problem, we should experiment with and, if feasible, improve Mozilla Persona to provide websites with an identity provider that can be used to facilitate website account creation and rate limit abuse using a number of pluggable mechanisms.
Because Mozilla Persona is a fully federated protocol, the actual Identity Provider would be run by us, with our own choice of rate limiting and validation policies. It will even enable us to run multiple Identity Providers, giving sites the choice of which rate limiting mechanisms work best for them.
To start, we should deploy a test instance of Mozilla Persona that gives users credentials in exchange for solving a number of CAPTCHAs.
If feasible, we should also convert the client-side authentication code to submit Chaum-style blinded certificate hashes to our Identity Provider, so that it will become possible to experiment with less private proof-of-scarcity mechanisms at a later date. This would effectively convert Mozilla Persona into the equivalent of BNymble (http://freehaven.net/anonbib/#bnymble11).