Douglas Otis wrote:
By just specifying the hash used in the signature header, once a
hash algorithm is later discovered compromised, there is no means to
keep bad actors from using this compromised hash algorithm for spoofing
messages. It would appear the DKIM draft is not ready.
[page 21 allman-01:]

   h= Acceptable hash algorithms (plain-text; OPTIONAL, defaults to
      allowing all algorithms). A colon-separated list of hash
      algorithms that might be used. Signers and Verifiers MUST support
      the "sha1" hash algorithm.

What exactly is the problem?
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html
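
The h= key-record tag quoted above, as a verifier could apply it to a signature's declared hash. This is an added example, not part of the original message or the draft; it assumes the signature's a= tag has the "key-hash" form used in the later published DKIM specification, and the function names and sample records (including the "sha256" value) are constructed for illustration.

```python
# Added example: check a signature's hash against the key record's h= list.

def parse_tag_list(text):
    """Parse a DKIM 'tag=value; tag=value' list into a dict."""
    tags = {}
    for part in text.split(";"):
        if "=" not in part:
            continue  # skip empty segments, e.g. after a trailing ';'
        name, value = part.split("=", 1)
        tags[name.strip()] = "".join(value.split())  # drop folding whitespace
    return tags

def hash_allowed(signature_header, key_record):
    """True if the hash named in the signature's a= tag is permitted by
    the h= tag of the signer's published key record."""
    sig = parse_tag_list(signature_header)
    key = parse_tag_list(key_record)
    algorithm = sig.get("a", "")
    if "-" not in algorithm:
        return False  # missing or malformed a= tag: fail closed
    sig_hash = algorithm.split("-", 1)[1]
    if "h" not in key:
        return True   # draft default: all algorithms are acceptable
    # In the key record, h= is the colon-separated list of acceptable hashes
    # (in the signature header, h= means something else: the signed fields).
    allowed = {name for name in key["h"].split(":") if name}
    return sig_hash in allowed

# Constructed sample data (placeholders, not real keys or signatures).
KEY_NO_H = "k=rsa; p=PLACEHOLDERKEY"
KEY_SHA256_ONLY = "k=rsa; h=sha256; p=PLACEHOLDERKEY"
KEY_BOTH = "k=rsa; h=sha1:sha256; p=PLACEHOLDERKEY"
SIG_SHA1 = "a=rsa-sha1; d=example.com; s=sel1; h=from:to:subject; b=PLACEHOLDER"
SIG_SHA256 = "a=rsa-sha256; d=example.com; s=sel1; h=from:to:subject; b=PLACEHOLDER"

if __name__ == "__main__":
    for label, key in [("no h=", KEY_NO_H), ("h=sha256", KEY_SHA256_ONLY),
                       ("h=sha1:sha256", KEY_BOTH)]:
        print(label, "sha1:", hash_allowed(SIG_SHA1, key),
              "sha256:", hash_allowed(SIG_SHA256, key))
```
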