The point of the checksum is to just drop obviously wrong keys. No need to handle revocation or do any DB access if the checksum is incorrect; the key can just be rejected.
That sounds like it's only helpful for DDoS mitigation, in which case the attacker could trivially synthesize a correct checksum.
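An added sketch of the trade-off the two comments describe (not code from the thread; the `sk_` prefix, the CRC32 suffix and the in-memory `KeyStore` are assumptions made for illustration). It shows the checksum rejecting a mistyped key without a lookup, while a well-formed but never-issued key still reaches the store because an unkeyed checksum can be computed by anyone.

```python
import base64
import secrets
import zlib

PREFIX = "sk_"  # assumed key prefix, constructed for this example


def crc_hex(body: str) -> str:
    # CRC32 of the key body as 8 lowercase hex characters (unkeyed checksum)
    return f"{zlib.crc32(body.encode()):08x}"


def make_key() -> str:
    # 20 random bytes -> 32 base32 characters, followed by the checksum
    body = base64.b32encode(secrets.token_bytes(20)).decode().lower()
    return f"{PREFIX}{body}_{crc_hex(body)}"


def checksum_ok(key: str) -> bool:
    """Cheap, stateless pre-check: no DB access, no revocation lookup."""
    if not key.startswith(PREFIX):
        return False
    body, sep, crc = key[len(PREFIX):].rpartition("_")
    return bool(sep) and bool(body) and crc == crc_hex(body)


class KeyStore:
    """Stand-in for the database of issued keys; counts lookups performed."""

    def __init__(self):
        self.issued = set()
        self.lookups = 0

    def issue(self) -> str:
        key = make_key()
        self.issued.add(key)
        return key

    def authenticate(self, key: str) -> bool:
        if not checksum_ok(key):
            return False  # obviously wrong key: rejected before any lookup
        self.lookups += 1  # every well-formed key costs a lookup
        return key in self.issued
```

The lookup counter makes the second comment's point measurable: the pre-check saves work on typos and truncated keys, not on inputs built to pass it.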