[ietf-dkim] Body hash is not an optimization
Mark Delany
markd+dkim at yahoo-inc.com
Mon Oct 17 22:46:09 PDT 2005
On Mon, Oct 17, 2005 at 09:58:03PM -0700, Douglas Otis allegedly wrote:
> Much more can be done in the area of diagnostics. Capturing the body
> hash would be useful and not add substantially to the overall overhead.
> As Earl points out, it also allows the disposition of the signature to
> be determined ahead of the data phase completing.
Only for short-circuiting a failed verification, which empirically are
a tiny and presumably diminishing minority, thus it seems like a
premature optimization.
Clearly a successful signature verification *has* to verify the
claimed body hash, so no successful verification can truly be
"determined ahead of the data phase completing".
As far as I can tell, the only optimization an explicit body hash
offers is for re-signers who are indifferent enough, or trusting
enough to blindly believe an existing body hash.
IOW, a body hash optimizes that rare bird - a third-party signer who
knows they don't munge, who cares enough to claim responsibility, but
doesn't care enough to ensure that their responsibility claim is truly
valid. I'm at a lost - why are these signers important enough to
optimize?
Mark.
More information about the ietf-dkim
mailing list