At 1:44 PM -0600 4/30/03, Vernon Schryver wrote:
> From: Kee Hinckley <nazgul(_at_)somewhere(_dot_)com>
>> What about the processing load required to deal with verifying
>> cryptographic signatures? Will that cause an unacceptable load on very
>> large mail installations?
>Excellent question. I don't know and I do worry about it.
Cache a mapping between IP's and signatures, and fast track those
IPs you know?
Signature of what? If you trust IP addresses, then you don't need
any crypto mumbojumbo because IP addresses are practically unforgeable.
The IP does not (at the point of receiving a message) give you as
much information as crypto, let alone trust. However you could
conceive of caching it the IP for a while (just as you cache DNS
entries for a while) to avoid decrypting each time. Probably only
reliable for the immediate sender to your MTA.
I don't know if it makes sense. That's why there was a question mark
at the end.
--
Kee Hinckley
http://www.messagefire.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg