> You can't securely have truly stateless authentication without having massive resources, see the cryto.net link above.

I don't think the cryto.net post really explains why this is true (at least in a way that would be made different by "massive resources").