spf-discuss

RE: Attacking Domain Keys

2004-11-29 15:15:21
From: George Schlossnagle
Sent: Monday, November 29, 2004 4:00 PM



On Nov 29, 2004, at 4:57 PM, Seth Goodman wrote:
That is latency as opposed to CPU cycles.  RSA signature validation is
a concern from the standpoint of CPU cycles.

The whole point is that it's not.  Whether you run Ecelerity or not,
the fact that it has a blazingly fast DK implementation means that
other MTAs can have one too.

And other methods that don't depend on RSA validation that are currently
blazingly fast in comparison can be made more blazingly fast, as well.


The sendmail people have also noted repeatedly in this forum
that the dk-milter is a proof of concept with enormous room
for optimization.

As is the implementation of any other algorithm.  RSA signature validation
is a very CPU-intensive algorithm that unfairly burdens the recipient.
HMAC-SHA1 signatures are much faster, and you can optimize both to your
heart's content and still come up with the same result.


Since you like to quote from the
sendmail results, perhaps we should look again at their conclusion:

Perhaps you might look at their data and note that the conclusion is not
justified for short messages like spam.  The data speaks for itself.

--

Seth Goodman

