From 5a454e85e7d0bd4ac801804fcf1ccb492883b0eb Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Tue, 14 Nov 2023 19:46:23 +0100
Subject: [PATCH] extend todo-note

---
 book/source/07-signing_data.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/book/source/07-signing_data.md b/book/source/07-signing_data.md
index 6a5458b..787e9fc 100644
--- a/book/source/07-signing_data.md
+++ b/book/source/07-signing_data.md
@@ -71,6 +71,8 @@ For efficient verification, an application must understand how to handle the lit
 :class: warning
 
 Is the signer keyid/fingerprint in the OPS important for the verifier to be able to verify the signature efficiently? Or is it (only?) there to be hashed and signed, along with the literal data?
+
+Realization: It's probably useful to know the fingerprints right away, to first go find the public key material, before calculating the hash of a huge file.
 ``` 
 
 #### Verification