Hallam-Baker, Phillip wrote:
I am sure you can probably get by without sequence numbers.
If that's true, then is there any reason to not just
do as we're currently doing which is making them look
like trace headers? This preserves sequence for forensics
which is about the only thing that I suspect you can hope
for.
The only thing the sequence number does is to allow the verifier to come
to the conclusion 'Signature X did not validate, therefore Signatures
1...X-1 are not worth checking'
But that could be a DOS attack on the other signatures,
right? Not that it would be hard to DOS it if you have
the message in hand. But it seems like a small thing
to save the RSA verify operation on subsequent signatures.
Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org