Hi Matt
Matt Kettler wrote:> Since e4 signatures can (theoretically) change their selection base at random, it's impractical to revoke just the signature. Were the e4 base ranges to change, your revocation would instantly become useless, whereas all the spam reports could be rebuilt.
why isn't it possible to make sure that only needed data of revoked messages is transferred to the server? if I revoke a message, the server tells me the current data needed to compute a valid sig to revoke the message.
The data needed to recompute a valid signature in the event of a e4 parameter change is the whole body.
If the e4 parameters don't change, then a hash-only submission would be adequate.
Making the system only report the current e4 subselection of body doesn't change anything. It is fundamentally the same as reporting hash only.
> If all the revokes were signature only, the entire bayes DB would reset to 0 revokes upon a shift of the e4 parameters.
I disagree, since revoked messages also have been reported (otherwise there is no need to revoke them) before, the server already has the whole message content because of these reports. So there is no real need to submit the whole message in case of a revoke.
Untrue due to subselection collisions. Two messages with different content can have the same e4 hash. They need to have SOME of the same content to match, but not all of it.
e4 signatures are NOT unique. They are specifically designed to not be unique. E4 is specifically designed to match highly similar messages.
In the event of an e4 parameter change the server MUST have the body of the message for a revoke. End of story.
If you think it's some other way, you're fooling yourself and oversimplifying the problem.
> Perhaps there could be a "hash only revoke" mechanism added for privacy, but it would have severe limits, and should never be the default.
I don't see those limits, since a revoke of a message where the message content is unknown to the server could simply be ignored... Based on the idea, that only revokes for messages that have been reported before are necessary. (This assumption is a good one: the messages are not marked as spam if they have not been reported before.. so there is no need to revoke them. A revoke of a message that has not been reported before can therefore be ignored.)
Ignoring revokes of unknown messages has nothing to do with this point. Yes it makes sense that you can do that, but I never raised that as a problem, because it's not a problem. This entire paragraph is a complete misdirection of the point.
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
