Yeah, me too. Same conclusion, and same assumption.
Tony Hansen
tony(_at_)att(_dot_)com
Arvel Hathcock wrote:
In that case I would suggest that we make SHA256 a MUST support for
signature verifiers and a SHOULD for signature generators.
SHA-1 should probably also be a MUST for verifiers and a SHOULD for
signers.
For the record, I'm fine with this. I "felt a disturbance in the Force"
so our implementation and library on sourceforge is already capable
here. The only assumption I made was that the tag would end up being
a=rsa-sha256.
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html