ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New Issue: Base: Upgrade indication and protection against downgrade attacks

2006-02-15 10:48:46
> I guess the main argument for the MUST on sha-256 would be to
> encourage moving away from sha-1 before there's much wider DKIM
> deployment.

A MUST would more than encourage, it would require :)

Isn't SHA-1 sufficient since it (a) isn't broken (b) is the least computationally taxing (I assume) and (c) provides sufficient protection for our use (we aren't protecting files full of credit card numbers with DKIM).

--
Arvel


_______________________________________________
NOTE WELL: This list operates according to http://dkim.org/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>