On Mon, Oct 17, 2005 at 09:58:03PM -0700, Douglas Otis allegedly wrote: > Much more can be done in the area of diagnostics. Capturing the body > hash would be useful and not add substantially to the overall overhead. > As Earl points out, it also allows the disposition of the signature to > be determined ahead of the data phase completing.
Only for short-circuiting a failed verification, which empirically are a tiny and presumably diminishing minority, thus it seems like a premature optimization. Clearly a successful signature verification *has* to verify the claimed body hash, so no successful verification can truly be "determined ahead of the data phase completing". As far as I can tell, the only optimization an explicit body hash offers is for re-signers who are indifferent enough, or trusting enough to blindly believe an existing body hash. IOW, a body hash optimizes that rare bird - a third-party signer who knows they don't munge, who cares enough to claim responsibility, but doesn't care enough to ensure that their responsibility claim is truly valid. I'm at a lost - why are these signers important enough to optimize? Mark. _______________________________________________ ietf-dkim mailing list http://dkim.org
