Does this make sense? It assumes your weblog system allows you to define a small, say 5 character, private encryption key, or even generates one for you. You don't need to know it really cause only the system ever uses it...
Then, you have an AJAX javascript watching your comment field. As soon as it detects keystrokes in it, say 3 or 4, it sends a behind the scenes request to the weblog server for a public key. This key would be generated on the fly using the private key aaaand... say a timestamp. The server would of course need to store the request and the key it generated at this point:
Entry ID # 00345 requested a key at 20050503202312
keygen: j3eJ7%G9U#5G7J*,
sent,
awaiting match...
Anyways, so at this point, using the AJAX and the DOM, the comment form now has a uniquely created "passkey", without which the server will not accept the comment...
Obviously this assumes the commenter has Javascript enabled but let's be honest here... it is 2005. If you've disabled JS in your web browser you're a freak 'n luddite. ;)
Update:
Hrmmm... hehehe I should've put a disclaimer saying "this was just a quick idea which made my head hurt to think about and I figured I'd just put it up there"... ;)
Thanks for the feedback all, whichever response channel you used! :)