On Mon, Oct 17, 2005 at 09:58:03PM -0700, Douglas Otis allegedly wrote:
Much more can be done in the area of diagnostics. Capturing the body
hash would be useful and not add substantially to the overall overhead.
As Earl points out, it also allows the disposition of the signature to
be determined ahead of the data phase completing.
Only for short-circuiting a failed verification, which empirically are
a tiny and presumably diminishing minority, thus it seems like a
premature optimization.
Clearly a successful signature verification *has* to verify the
claimed body hash, so no successful verification can truly be
"determined ahead of the data phase completing".
As far as I can tell, the only optimization an explicit body hash
offers is for re-signers who are indifferent enough, or trusting
enough to blindly believe an existing body hash.
IOW, a body hash optimizes that rare bird - a third-party signer who
knows they don't munge, who cares enough to claim responsibility, but
doesn't care enough to ensure that their responsibility claim is truly
valid. I'm at a lost - why are these signers important enough to
optimize?
Mark.
_______________________________________________
ietf-dkim mailing list
http://dkim.org