Mike, this is what I was trying to say in a previous post. You are
exactly right. We have already faced this situation and it has proven
itself in the field to work just fine.
Arvel
Michael Thomas wrote:
I'm still not seeing what the problem is with things as they stand now.
We've already been through a transition with sha1 and sha256. The
solution was to make both signatures in the transition and set the
h=sha1|sha256; in the selector. All you do when you're ready to
completely transition is only sign with the new algorithm and set
h=sha256; in the selector. This is exactly the kind of case we wanted
to get right for -base and as far as I can tell it worked exactly as
intended.
I'm honestly not trying to be obtuse here.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html