Re: Re: What the verifier can do

Tony Hansen wrote:

> Paul Hoffman wrote:
>  
>
> > Fully agree, but that doesn't lead to the conclusion that the verifier
> > *cannot* use heuristics (one of which might be the value of x=) to try
> > to get the signature to validate.
> >
> > So, let's have that examination now.
> >    
>
> I know that Michael Thomas was doing some work along these lines, to see
> how resilient you could be to changes incurred through a mailing list.
>  

Yep, and in fact I only compute exactly one message hash that I do the
RSA verify with, not multiple. Which isn't to say that other heuristics 
might
require more than one.

I have to say that I'm a little confused by this thread. Nobody's suggesting
that we change the spec to include any of this are they?

      Mike