Surely what an optimized implementation would do is look to see if the
reputation is in the cache, if so and the reputation is bad then throw
out the message and stop processing.
Otherwise verify the signature and only look up the reputation if it
verifies.
This can all be done by a lazy evaluation scheme, heck you could even
have the system automatically optimize itself.
I would think that any extended system would want to have some form of
central reputation management in any case.
-----Original Message-----
From: owner-ietf-mailsig(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mailsig(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Tony Finch
Sent: Tuesday, August 02, 2005 7:40 PM
To: Douglas Otis
Cc: IETF MASS WG
Subject: Re: DoS and Replay protection for message signatures
On Mon, 1 Aug 2005, Douglas Otis wrote:
> [...] message signatures offer _no_ authenticated identifier prior to
> resources being committed. [...] acting upon a bad signature's
> history by refusing service against the domain name comes too late to
> preserve resources.
This is off-topic because it's about optimizing rejections
and reputation lookups, rather than the basic authentication mechanism.
What's the problem with doing the reputation lookup before
verifying the signature? If the rep is bad enough to reject
the message then it doesn't matter whether the sig is good or
bad. The sig (and therefore the rep lookup key) occurs early
enough in the data that no disk resources need to be
committed, and the RAM required is pretty small.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT
FIRST. MODERATE OR GOOD.
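
The processing order described in the reply at the top of this message, as an added example (not code from the thread or from any mail-signature implementation): the reputation cache is consulted first, the signature is verified next, and the remote reputation lookup happens only for a domain whose signature verified. The domain names, keys, reputation table and the HMAC standing in for the public-key signature check are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed data: per-domain keys stand in for published signing keys, and
# HMAC stands in for the (expensive) public-key signature check.
KEYS = {"good.example": b"k1", "bad.example": b"k2", "new.example": b"k3"}
REMOTE_REPUTATION = {"good.example": "good", "bad.example": "bad",
                     "new.example": "good"}


def sign(domain, body):
    """Produce a valid stand-in signature for the constructed test domains."""
    return hmac.new(KEYS[domain], body, hashlib.sha256).hexdigest()


class Verifier:
    def __init__(self):
        self.cache = {}          # domain -> reputation already fetched
        self.sig_checks = 0      # count of expensive signature verifications
        self.remote_lookups = 0  # count of remote reputation queries

    def _verify(self, domain, body, sig):
        self.sig_checks += 1
        key = KEYS.get(domain)
        if key is None:
            return False
        expected = hmac.new(key, body, hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, sig)

    def _lookup(self, domain):
        self.remote_lookups += 1
        rep = REMOTE_REPUTATION.get(domain, "unknown")
        self.cache[domain] = rep
        return rep

    def process(self, domain, body, sig):
        # 1. Cached bad reputation: reject before doing any signature work.
        if self.cache.get(domain) == "bad":
            return "reject: cached bad reputation"
        # 2. Otherwise verify the signature; a forgery stops here, so an
        #    unauthenticated name never triggers a remote query or a cache entry.
        if not self._verify(domain, body, sig):
            return "reject: bad signature"
        # 3. Only a verified domain is looked up (cache first, then remote).
        rep = self.cache.get(domain) or self._lookup(domain)
        return "accept" if rep == "good" else "reject: bad reputation"
```

The two counters show the cost of each path: a message naming a domain already cached as bad costs neither a signature check nor a lookup, and a forged signature costs one signature check but no lookup.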