ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] agenda item on upgrading hash algorithms?

2006-02-24 09:14:09
It seems to me that since DKIM signatures are expected to have short
lifetimes and to have only moderate value, and that we've established
quite thoroughly that there is not yet an obvious successor to SHA-1,
it would be OK simply to note that we'll need something more secure in
the future and leave it at that.

How many times do you want to do this?!

Ideally never, pragmatically, once.  If I thought we had enough info to do
it now, I'd agree that we should try to do it now, but we don't.

I don't see a hash upgrade as urgent.  Even as SHA-1 becomes easier to
break, it doesn't seem likely that it'll be broken badly enough to make it
possible to put fake signatures on messages at high speed.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet 
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I shook hands with Senators Dole and Inouye," said Tom, disarmingly.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>