Making the system only report the current e4 subselection of body doesn't change anything. It is fundamentally the same as reporting hash only.
I agree, but this is no reason to always revoke the whole message body. Restricting the transmission of the whole body to cases where collisions of two identical e4 hashes for actually different messages are calculated is still an option. as long as there is no collision, there is no need to transmit the whole message body since the fingerprint is unambigously assignable to a message.
Untrue due to subselection collisions. Two messages with different content can have the same e4 hash. They need to have SOME of the same content to match, but not all of it.
e4 signatures are NOT unique. They are specifically designed to not be unique. E4 is specifically designed to match highly similar messages.
if e4-sigs are designed to match for "similar messages", why is it so important to revoke exactly THE message. wouldn't it even improve the database if a revoke is commited to all messages that result in a revoked fingerprint?
In the event of an e4 parameter change the server MUST have the body of the message for a revoke. End of story.
i agree, otherwise it isn't possible to recompute fingerprints.
but why do the messages have to be transmitted in revokes? the message body could be transmitted in reports. a report is more likely to hold no private content than a revoke. if i revoke a message, the server can tell me the current e4 params so i can compute a (currently) valid e4-sig to revoke the message without submitting the content.
if the e4 parameters (ever) change, the server can recompute all sigs based on the message body it received from reports (not revokes).
Ignoring revokes of unknown messages has nothing to do with this point. Yes it makes sense that you can do that, but I never raised that as a problem, because it's not a problem. This entire paragraph is a complete misdirection of the point.
it's not a misdirection. my point is, that if the server doesn't have the message body of a sig i revoke, it did not receive a report for this message before my revoke and can therefore ignore the revoke. (otherwise it would already know the whole message body because of at least one report..)
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
