Arvel Hathcock wrote:
> In that case I would suggest that we make SHA256 a MUST support for
> signature verifiers and a SHOULD for signature generators.
>
> SHA-1 should probably also be a MUST for verifiers and a SHOULD for
> signers.
For the record, I'm fine with this.
I don't think I understand what it means for a signer to be required to support
two different "SHOULD" requirements for the same function.
Hmmm.
Perhaps there is a distinction between saying that the signing implementation
MUST *support* a core set of algorithms, versus that a signer SHOULD *use* one
of them?
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html