-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Woodhouse writes:
On Wed, 2004-02-25 at 09:59 -0800, Justin Mason wrote:
This added because DK hashes the message body, and some mailing list
software (MailMan for example, or this list) modifies the body,
which will cause DK failures.
Mailing lists don't mangle the body _much_ though.
Imagine a scheme where you generate and sign a tuple of
{ <number of original lines>, <cheap rolling checksum>, <hash> }
What's being proposed doesn't do that, though.
I agree, a well-thought-out scheme to do that would be useful,
as long as the "single URL replay attack" is dealt with.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFAPPHWQTcbUG5Y7woRApJ8AKCq9WJYqVHnXNkK/Irr6XKj7t+/3gCfehQU
Ww4/jTN4w/xCftZym94sZus=
=DcyN
-----END PGP SIGNATURE-----