On Wed, 9 Apr 2003 15:39:24 -0700
Craig Hughes <craig(_at_)hughes-family(_dot_)org> wrote:
On Thursday, April 3, 2003, at 10:01 PM, J C Lawrence wrote:
Note that the Porkhash proposal doesn't use signatures or keys, just
an MD5 hash of items with a secret. Under the porkhash proposal
anybody wishing to verify a hash has to contact a system which
possesses the secret, for re-computation of the hash to see if it
matches.
There's nothing that says the secret needs to persist very long.
If it doesn't I can't retroactively verify message correctness.
ObNote: Assuming that you want to support in-transport verification
only (which while useful, doesn't seem a necessary compromise), that
probably means at least a window of 20 days (4 days per transitional
MX, plus a forward).
--
J C Lawrence
---------(*) Satan, oscillate my metallic sonatas.
claw(_at_)kanga(_dot_)nu He lived as a devil, eh?
http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg