> In that case I would suggest that we make SHA256 a MUST support for
> signature verifiers and a SHOULD for signature generators.
>
> SHA-1 should probably also be a MUST for verifiers and a SHOULD for
> signers.
For the record, I'm fine with this. I "felt a disturbance in the Force"
so our implementation and library on sourceforge is already capable
here. The only assumption I made was that the tag would end up being
a=rsa-sha256.
--
Arvel
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html