Stephen Farrell wrote:
The point that DKIM signatures aren't meant to be high assurance is
also valid. However, sha-1 has been *seriously* weakened: 2^63 is a
lot less than 2^80, and such problems only ever get worse by
definition. So there is reason to think about whether it'd be ok
or not, were most instances of DKIM signatures to use sha-1.
According to a colleague attending RSA, someone has gotten SHA-1 down to
NOTE WELL: This list operates according to