> Unless John, Jon, Dave, and Mike can assure the WG that current
> algorithms will always be sufficiently strong, and that a transition
> will be sufficiently swift, then a means for the _signer_ to apply different
> algorithms where one is "deprecated" should be possible.
Let's say I am a signer, you are a receiver. I publish a policy that
says "don't trust that old fashioned sha256 signature, just the new
rot13 one." What should you do with that policy record? Why should
you do anything other than ignore it because it's stupid?
More generally, I hear an implicit assumption in all of this that
senders know more about crypto than receivers do. Why would that
be so? Why shouldn't receivers use their own best judgement about
what hashes are adequately strong, and why should they believe
statements from random spammers about relative strengths of
crypto algorithms?
R's,
John
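The receiver-side judgement argued for above, as an added example that is not code from the thread or from any DKIM implementation: the verifier keeps its own list of acceptable hash algorithms and selects which DKIM-Signature headers are worth verifying from that list alone, so a signer-published preference record never enters the decision. The sample headers are constructed, with placeholder bh=/b= values, and the a=rot13 header stands in for an algorithm the receiver does not recognise.

```python
# Receiver-side choice of which DKIM signatures to verify. The receiver's
# own policy decides; nothing the signer publishes about algorithm
# preference is consulted. Sample data below is constructed.
import re

# Receiver policy, strongest first. Any hash not listed is treated as
# too weak (or unknown) and its signature is ignored.
RECEIVER_HASH_PREFERENCE = ["sha256"]

# Constructed message headers: one rsa-sha1 signature, one rsa-sha256,
# and one using an algorithm the receiver has never heard of.
SAMPLE_HEADERS = [
    "DKIM-Signature: v=1; a=rsa-sha1; d=example.org; s=old;\r\n"
    " h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER",
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=new;\r\n"
    " h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER",
    "DKIM-Signature: v=1; a=rot13; d=example.org; s=novel;\r\n"
    " h=from; bh=PLACEHOLDER; b=PLACEHOLDER",
]

def parse_tag_list(header):
    """Split one DKIM-Signature header into its tag=value pairs.

    Folding whitespace inside values is dropped, as DKIM permits; the
    first '=' separates tag from value so base64 padding survives."""
    _, _, body = header.partition(":")
    tags = {}
    for item in body.split(";"):
        name, sep, value = item.partition("=")
        if sep:
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def hash_of(algorithm):
    """'rsa-sha256' -> 'sha256'; None if a= is not in sig-hash form."""
    sig, sep, hsh = algorithm.partition("-")
    return hsh if sep and sig and hsh else None

def signatures_to_verify(headers, preference=RECEIVER_HASH_PREFERENCE):
    """Return (selector, a=) for signatures the receiver will verify,
    ordered by the receiver's own preference. Signatures with an
    unknown or unaccepted hash are dropped, whoever signed them."""
    chosen = []
    for header in headers:
        tags = parse_tag_list(header)
        h = hash_of(tags.get("a", ""))
        if h in preference:
            chosen.append((preference.index(h), tags.get("s"), tags["a"]))
    return [(s, a) for _, s, a in sorted(chosen)]
```

Widening RECEIVER_HASH_PREFERENCE to ["sha256", "sha1"] admits the old signature as a lower-ranked fallback without any change from the signer's side.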
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html