On Tue, 5 Oct 2004 01:56:52 -0500, Seth Goodman wrote:
> so I wouldn't bet my life on it. What we have done instead
> is to sidestep this problem by dropping unique message ID's
> and instead including a SHA1 digest of the canonicalized
> message in the signature. The message digest is signed by an
> HMAC and the signature is verified by callback. The recipient
I am not understanding how this "bypasses" the concerns that John
is raising.
What you have described is:
1. a per-message hash that is registered in a query service
   maintained by the source.
2. a per-message query to that service by the delivery agent
   (final receiving smtp server, or the like).
This means per-message updates and per-message, cross-net
queries.
This all sounds like it has exactly the performance and scaling
concerns that John raised.
d/
--
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker(_at_)(_dot_)(_dot_)(_dot_)
brandenburg.com
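
Added example, not part of either message and not code from any proposal discussed in the thread: a minimal model of the quoted scheme (SHA1 digest of the canonicalized message, signed with an HMAC, verified by callback) that counts the cross-net queries the delivery agent has to make. The canonicalization rule, the `SourceDomain` class, the key and the sample messages are all assumptions; the source here recomputes the HMAC on each callback rather than looking up a stored record, since the thread does not say which is intended.

```python
import hashlib
import hmac

def canonicalize(raw: bytes) -> bytes:
    # Assumed rule (the thread defines none): CRLF endings, trailing
    # whitespace stripped per line, trailing blank lines dropped.
    lines = [ln.rstrip() for ln in raw.replace(b"\r\n", b"\n").split(b"\n")]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"\r\n".join(lines) + b"\r\n"

def message_digest(raw: bytes) -> bytes:
    return hashlib.sha1(canonicalize(raw)).digest()

class SourceDomain:
    """Sending side (hypothetical): holds the HMAC key and answers callbacks."""

    def __init__(self, key: bytes):
        self._key = key
        self.callbacks_served = 0  # one increment per cross-net query

    def sign(self, raw: bytes) -> str:
        return hmac.new(self._key, message_digest(raw), hashlib.sha1).hexdigest()

    def verify_callback(self, digest: bytes, signature: str) -> bool:
        self.callbacks_served += 1
        expected = hmac.new(self._key, digest, hashlib.sha1).hexdigest()
        return hmac.compare_digest(expected, signature)

def deliver(source: SourceDomain, raw: bytes, signature: str) -> bool:
    # The delivery agent has no key, so it cannot check the HMAC locally;
    # it recomputes the digest and asks the source.
    return source.verify_callback(message_digest(raw), signature)

def run_demo():
    source = SourceDomain(b"constructed-demo-key")
    # Constructed sample messages.
    msgs = [b"Subject: test %d\r\n\r\nbody %d  \r\n\r\n" % (i, i) for i in range(5)]
    signed = [(m, source.sign(m)) for m in msgs]
    accepted = sum(deliver(source, m, s) for m, s in signed)
    # Whitespace damage in transit is absorbed by canonicalization.
    relayed = deliver(source, msgs[0].replace(b"  \r\n", b"\r\n"), signed[0][1])
    # A reused signature on different content is rejected.
    forged = deliver(source, b"Subject: forged\r\n\r\nbody\r\n", signed[0][1])
    return accepted, relayed, forged, source.callbacks_served

if __name__ == "__main__":
    print(run_demo())
```

Because the HMAC key never leaves the source, every delivery in the model costs one callback, whether the message turns out to be genuine or not.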