The moderation system works on my local system. Does it work in production?

Apparently.

I hate to to say it, but I'm a teeny bit pleased. The identity stuff appears to be a hard problem, but comment spam fixing should be a lot easier. One that really needs a fresh sets of eyes, from someone with a clue.

(Changing the posting uri bought me a good six months on Movable Type, then WordPress, but now I'm not bothered by spam because the UI I've got scares everyone off...)

Norm says, maybe I'll try to tie it into some sort of distributed identity service

That gave me a funny thought: what about a distributed approval service, where webloggers could pool comments and any peer could approve comments when they're checking. It particularly seems well suited to an "Atom store" where any weblog system could send its comments to the shared storage and poll their own comment-approval feed back. Peer groups could be formed to allow for a level of trust and simple credit system used to make sure people aren't leaving all the work to others.

How about using a CAPTCHA (the system that asks you to type-in a bunch of numbers in a generated image)? It seems easy enough to implement since most of the work is already done for you. It might however disable access to blind users or those with poor vision; but, some of the more complex implementations have already taken care of this issue.

this is a very elegant alternative to visual only CAPTCHA tests - my only concern is that the equations be actual text and not be comprised of, nor constructed of, graphical elements distorted in the manner of today's crudest CAPTCHA implementations - this, i think is a real concern, because, as norman points out, the bots WILL catch up, and the argument will be made that graphical equations provide a "double layer" of protection, when it really only serves to exclude those who cannot visually process the graphics...