On Wed, Jul 8, 2020 at 12:42 PM Murray S. Kucherawy <[email protected]> wrote:
> I'm sorry, I got that backwards. What I meant to say is: > > On Wed, Jul 8, 2020 at 9:04 AM Murray S. Kucherawy <[email protected]> > wrote: > >> On Wed, Jul 8, 2020 at 1:21 AM Dotzero <[email protected]> wrote: >> >>> At what overhead cost? You have to hold the connection open while >>> reversing the transformations or you are not in a position to reject (vs >>> accepting then rejecting). There are folks currently holding the connection >>> while evaluating the DKIM signature but that is lighter weight than >>> reversing the transforms AND doing the DNS lookup to validate the DKIM >>> signature. >>> >> > That seems to imply DKIM, which relies on DNS and cryptography, is LESS > heavyweight than reversing text transformations, which relies only on the > local CPU and memory and probably arithmetic. I'm not sure I agree. > > Once you reverse the transformations you would still need to do the DKIM lookup to validate the reversed text that was signed. Simply reversing the transformations without validating doesn't give you much of anything useful. Michael Hammer.
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
