ietf-mailsig

Re: MASS Security Review document

2005-02-14 12:51:04


On Mon, 14 Feb 2005 domainkeys-feedbackbase01(_at_)yahoo(_dot_)com wrote:

If the revocation id is not very cache-friendly, then it could be as granular
as a message-id.

Message-ID could possibly be passed along as part of lookup for public key 
or fingerprint. If key owner does not use revocation, they would provide
longer cache time for the answer, otherwise it would be shorter.

Just a small note - Message-ID is not unique in current email infrastructure.
I've researched this for MTA Signatures a year ago and determined that:
 1. Message-ID is not required and some MUAs do not add it (but some MTAs
    would then add it automatically)
 2. In some cases when email is broken into parts and those parts are sent as
    separate messages, then each part would have the same Message-ID.
 3. Some mail lists change Message-ID (it's rather rare though)
 4. In some cases the same Message-ID is reused when bouncing the message
My notes about this are included in the 2nd paragraph of
http://www.elan.net/~william/emailsecurity/mta_signatures.htm#Part3.2.6

But I suspect none of that is a stopper because if we're not going to build 
signature around message-id (as I did for MTA Signatures). But still each
one of the above cases should be considered and mentioned if Message-ID is used.

-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
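
A check for the cases listed in the message above, as an added example that is not part of the original post: it scans a batch of messages and reports which ones could not be identified unambiguously if Message-ID were the revocation lookup key. The sample messages, the function names and the use of a SHA-256 body digest to tell messages apart are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict
from email import message_from_string

# Constructed sample messages (not real mail): two different bodies sharing
# one Message-ID, one message with no Message-ID, and one ordinary message.
SAMPLES = [
    "From: a@example.org\nMessage-ID: <1@example.org>\nSubject: part 1\n\nfirst half\n",
    "From: a@example.org\nMessage-ID: <1@example.org>\nSubject: part 2\n\nsecond half\n",
    "From: b@example.org\nSubject: no id added by this MUA\n\nhello\n",
    "From: c@example.org\nMessage-ID: <2@example.org>\nSubject: ok\n\nunique\n",
]


def body_digest(msg):
    """SHA-256 of the body, used to tell apart messages that share an ID."""
    return hashlib.sha256(msg.get_payload().encode("utf-8")).hexdigest()


def audit_message_ids(raw_messages):
    """Return (missing, collisions).

    missing    - indices of messages that carry no Message-ID header
    collisions - Message-ID -> indices, where one ID covers several distinct bodies
    """
    missing = []
    bodies_by_id = defaultdict(dict)  # Message-ID -> {body digest: [indices]}
    for i, raw in enumerate(raw_messages):
        msg = message_from_string(raw)
        mid = msg.get("Message-ID")
        if mid is None or not mid.strip():
            missing.append(i)  # nothing to key a revocation lookup on
            continue
        bodies_by_id[mid.strip()].setdefault(body_digest(msg), []).append(i)
    collisions = {
        mid: sorted(i for idxs in by_digest.values() for i in idxs)
        for mid, by_digest in bodies_by_id.items()
        if len(by_digest) > 1  # same ID, different content
    }
    return missing, collisions


if __name__ == "__main__":
    missing, collisions = audit_message_ids(SAMPLES)
    print("no Message-ID:", missing)
    print("ambiguous as a revocation key:", collisions)
```

A message resent with the same Message-ID and an unchanged body is not reported as a collision here, since the digest is identical.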

