ietf-dkim

Re: [ietf-dkim] agenda item on upgrading hash algorithms?

2006-02-22 17:45:47
On Wed, Feb 22, 2006 at 03:42:41PM -0800, Ned Freed allegedly wrote:
> > The only question facing us is whether we jump straight to SHA-256
> > now, or allow both. Jumping is cryptographically wiser as it gets us
> > off the weak hash. Allowing both is engineeringly wiser as it forces
> > us to be agile now. Neither is a bad choice, sadly. If one were a bad
> > choice, then it would be easy. As things sit, we have a hard choice,
> > and no matter what we do, people will look back with the wisdom of
> > hindsight and cluck their tongues sadly about how stupid we were and
> > how *clearly* it would have been better to do the other thing.
>
> Very nicely put. I completely agree. It should be obvious that I'm in the
> "might as well get agility correct now" camp, no doubt because I'm an
> implementor first and I've been bitten too many times by bad code and bad
> assumptions built into code. But the SHA-256 only position definitely
> has merit too.

Me three. As a long-time implementor I suck at getting un-exercised
code right. I'd much prefer agility to be essential to a day one
deployment, as it'll otherwise never work.


Mark.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
