On Sat, 18 Sep 2004 05:30:23 -0500, Seth Goodman wrote:
> Putting in a message body hash completely stops replay with very little
> extra overhead at either end and makes tracking the state of individual
> messages unnecessary.
Once you include a hash of the message body, then validation requires going
beyond the envelope, to look at the message body.
Hence it is not at all clear that you need to actually put the message hash
into the RFC2821.MailFrom BATV encoding. You might want some linkage between
the two, but that's not the same as "including" the hash.
In any event, these sorts of extended discussions about extended utility are
fine to have, but it is potentially a rich space to explore. One needs to
remember that, to date, no messaging-based (or, for that matter,
originator-based) public key signing scheme has gained Internet-scale
deployment and use.
So we would be wise to take that dependency out of the critical path to the
underlying MailFrom signing mechanisms. And, indeed, that is what the current
BATV spec has done, while leaving things open for infinite experimentation with
those possible enhancements.
d/
--
Brandenburg InternetWorking
dcrocker(_at_)brandenburg(_dot_)com
+1.408.246.8253
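An added example, not code from this thread or from the BATV draft: a minimal BATV-style MailFrom tagger and validator, plus a separate body-hash check that links a bounce to a message actually sent without putting the hash into the address tag. The prvs field layout, the HMAC inputs, the 7-day window, the signing key and the sample messages are all constructed assumptions for illustration.

```python
import hashlib
import hmac

# Constructed per-domain signing key (assumption; a real deployment
# would use a rotated secret selected by the key_id digit).
SECRET = b"constructed-demo-key"
VALID_DAYS = 7  # assumed validity window for a tagged address


def batv_sign(local, domain, day, key_id=0):
    """Return prvs=KDDDSSSSSS=local@domain; day is an integer day counter."""
    expiry = (day + VALID_DAYS) % 1000            # 3-digit expiry day
    payload = f"{key_id}{expiry:03d}{local}@{domain}".encode()
    sig = hmac.new(SECRET, payload, hashlib.sha1).hexdigest()[:6]
    return f"prvs={key_id}{expiry:03d}{sig}={local}@{domain}"


def batv_verify(addr, day):
    """True if addr carries a correctly signed, unexpired prvs tag."""
    if not addr.startswith("prvs="):
        return False
    tag, _, orig = addr[5:].partition("=")
    if len(tag) != 10 or not tag[1:4].isdigit():
        return False
    key_id, expiry, sig = tag[0], int(tag[1:4]), tag[4:]
    payload = f"{key_id}{expiry:03d}{orig}".encode()
    expect = hmac.new(SECRET, payload, hashlib.sha1).hexdigest()[:6]
    if not hmac.compare_digest(expect, sig):
        return False
    # Unexpired if the expiry day lies within the window, modulo 1000.
    return 0 <= (expiry - day) % 1000 <= VALID_DAYS


def body_digest(body):
    """Short digest of a message body, recorded at send time."""
    return hashlib.sha256(body).hexdigest()[:16]


def bounce_accepted(mail_from, quoted_body, day, sent_digests):
    """Linkage without inclusion: the envelope tag must verify AND the
    body quoted in the bounce must match a digest of a message we sent.
    A valid tag alone would accept any body for the whole window."""
    if not batv_verify(mail_from, day):
        return False
    return body_digest(quoted_body) in sent_digests
```

Keeping the body digests in a send-time log is the per-message state the quoted post wanted to avoid; the envelope tag alone needs none, which is the trade-off the reply is pointing at.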