[ietf-dkim] mailing lists and -base
Bill.Oxley at cox.com
Bill.Oxley at cox.com
Tue Mar 28 08:46:43 PST 2006
Is signing the body at all an essential requirement? Yes, some potential
risk for a replay attack but otherwise "whoami I sent this" should be
sufficient for some providers,
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill.oxley at cox.com
-----Original Message-----
From: ietf-dkim-bounces at mipassoc.org
[mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Arvel Hathcock
Sent: Tuesday, March 28, 2006 11:22 AM
To: ietf-dkim at mipassoc.org
Subject: Re: [ietf-dkim] mailing lists and -base
> The current proposal for allowing signers to only have to compute the
> hash once for large message bodies that will be sent out numerous
> times (such as in a mailing list) seems like an improvement.
I can not disagree. It isn't always the case, but it is often the case,
and likely always at least optional that mailing lists personalize the
TO header. When this is done, a single body hash which could be reused
is an improvement.
--
Arvel
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
More information about the ietf-dkim
mailing list