On Oct 17, 2005, at 10:46 PM, Mark Delany wrote:
On Mon, Oct 17, 2005 at 09:58:03PM -0700, Douglas Otis allegedly
wrote:
Much more can be done in the area of diagnostics. Capturing the body
hash would be useful and not add substantially to the overall
overhead.
As Earl points out, it also allows the disposition of the
signature to
be determined ahead of the data phase completing.
IOW, a body hash optimizes that rare bird - a third-party signer who
knows they don't munge, who cares enough to claim responsibility, but
doesn't care enough to ensure that their responsibility claim is truly
valid. I'm at a lost - why are these signers important enough to
optimize?
Notice that argument is not about a reduction in performance, rather
that only helps a little. If the third-party signer tracks verified
signatures, then directly using the hash on that basis should not be
a problem. In essence, the hash had already been checked and would
have some benefit for messages larger than 50KB.
Having the body hash within the signature would indicate whether
something was munged in the message body. When the body hash
verifies, but then the signature still fails, this would be a more
serious matter, and draws attention to the headers or perhaps key
tampering. Such a division would permit simpler added diagnostics,
as these could be primarily focused upon the headers. Being able to
know when something of a more serious nature is happening would be
beneficial.
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org