On Mar 23, 2008, at 2:34 PM, Dave Crocker wrote: > Double mumble. > > Jim, > > Per the response to Levine's concern, I'd rather simply have text > that dodges the question of multiple signatures, here. Multiple > sigs are fine, but the figure is trying to look at a more contained > topic. I believe that having the figure explicitly show multiple > sigs will, for example, require showing multiple private/public key > pairs, and probably some sort of iterative behavior to cycle through > each key. Since this is an architectural diagram, rather than a > functional flow chart, I don't think the complexity of iteration is > needed. > > Can you live with that?
Signature validation will incur additional processing and must also deal with multiple signatures per message as this is afforded by DKIM. With actions flowing from "Verify Signatures" step in the diagram, this appears to be based upon an assumption all signatures within a message are to be validated. Domain/address assessments ahead of signature validations may be needed to defend limited resources. Unfortunately it appears there is no consideration as to where such strategy might be employed in defending the receiver's validation resources. It is possible a practical solution would be to only check signatures of white-listed domains. Where would this fit within the diagram? It seems defensive methods for DKIM validation processing are not congruent with the described workflow in the diagram. Is it really necessary to assume that all messages will have all their signatures validated? -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
