On Feb 15, 2006, at 9:06 AM, Stephen Farrell wrote:
Dave Crocker wrote:
DKIM already permits specifying different algorithms. If you are
suggesting that it needs to do more than that, to anticipate some
requirement that might be imposed 5 years from now, please elaborate.
Its neither that vague, nor that frightening. NIST will end up
organising a competition for a new hash algorithm - they've nearly
said as much already. When that's done, the winner will be a FIPS
and will be the algorithm of choice. That's likely to take a few
years, but probably not 10, IMO.
The point is that when the DKIM RFC is about 2-3 years old,
there'll likely be a different preferred algorithm and we should
(now) try to make that transition as easy as we can, so long as it
doesn't hold us up too much. But, if we do a good job on the sha-1/
sha-256 issue now, I'd hope that should be enough.
Of equal concern with respect to crypto-security, support for 500-bit
keys should be dropped.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html