Re: [ietf-dkim] Interesting Dupe Signatures

John Levine wrote:

Assuming you make the generally useful optimization to do

the body hash only once, it's hard to see a significant
load from an extra signature check.


+1.

But a body hash is calculated per signature because it might have a 
different c14n parsing.  So the ideal optimization would be to reduce 
the body hashing to unique c= c14n types. Given a ridiculous multiple 
signatures case:

   DKIM-Signature: .... c=relaxed/relaxed;   // dupe
   DKIM-Signature: .... c=relaxed/relaxed;   // dupe
   DKIM-Signature: .... c=relaxed/relaxed;   // dupe
   DKIM-Signature: .... c=simple/relaxed;    // other signer
   DKIM-Signature: .... c=relaxed/relaxed;   // other signer

A reduction consideration with body hash calculations per signature 
c14n type has some merit when mail size is a consideration.  In this 
case, a minimum of two calculations are necessary.

--
HLS

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] Interesting Dupe Signatures, John Levine

Next by Date:

Re: [ietf-dkim] DKIM on envelope level, Ian Eiloart

Previous by Thread:

Re: [ietf-dkim] Interesting Dupe Signatures, John Levine

Next by Thread:

Re: [ietf-dkim] Interesting Dupe Signatures, Murray S. Kucherawy

Indexes:

[Date] [Thread] [Top] [All Lists]