[Top] [All Lists]

Reducing signature sizes.

1998-04-06 19:31:27
One of the criticisms frequently applied to S/MIME in mailing lists and
newsgroups is the size of the signatures. When there are lots of two
line messages with >4K signatures one can perhaps sympathize.

The vast bulk of the signature is the certificate chain: frequently
containing large legal statements and discliamers from the issuing CA.

Neither the v2 nor the v3 specs require that the whole chain is included
with each message: if the recipient already has the senders certificate.
The resultant "certificate-less" signature is much more compact.

However it is not always realistic in a mailing list or newsgroup to
assume that each subscriber has the senders certificate stored locally.

A manual solution to this problem would be to include a method in the
(non digital) signature with details of how to obtain the certificate:
as is done with PGP.

The process could be automated by including a user settable
authenticated attribute giving the receiving agent details of how to
obtain the certificate. Does such an attribute exist? If not what are
peoples feelings about adding one?

* Dr Stephen N. Henson.                                    *
* Freelance Cryptographic Consultant.                      *
* Email: shenson(_at_)bigfoot(_dot_)com                               *
* PGP key:  * 

<Prev in Thread] Current Thread [Next in Thread>