[ietf-dkim] 1193 considered harmful
Michael Thomas
mike at mtcc.com
Tue Mar 21 12:41:12 PST 2006
Stephen Farrell wrote:
>
>
> Jim Fenton wrote:
>
>> Just in the interest of accuracy...
>>
>> Barry Leiba wrote:
>>
>>> Third, as was pointed out, a sender could hash a large body once and
>>> send it multiple times, possibly saving a lot of time/effort.
>>
>>
>> This doesn't depend on the new hashing proposal. A signer could do this
>> under the current proposal.
>
>
> Really? I thought the structure of allman-01 was to hash the
> catenation of some-header-stuff, then the body then the
> DKIM-signature stuff. In that case, the body hash is not useful,
> at least with any standard hashing API.
I'm sort of missing why this is an interesting feature. Reusing the
hash of the body would only help if you were generating multiple
signatures. I suspect that the RSA signing operation overwhelms the
SHAx cost by a very good bit on your average size of body. That
and it's not like we're signing for, say, individual rcpt-to's where
that sort of amortization might be a nice optimization.
Mike
More information about the ietf-dkim
mailing list