Re: [ietf-dkim] Features that could be reconsidered: sha1 vs sha256

ietf-dkim

Re: [ietf-dkim] Features that could be reconsidered: sha1 vs sha256

2009-05-09 21:54:19

Regarding the use of sha1 vs. sha256, I did a search of messages I've
collected in the past few years that have dkim signatures.

2008    rsa-sha1        1016
2008    rsa-sha256      1525
2009    rsa-sha1        1983
2009    rsa-sha256      1932

These are just messages that have arrived in my inbox. It's just a data
point.

Regarding Steve Atkin's suggested reworded text:
    "Verifiers MUST support rsa-sha256 and MAY support rsa-sha1.
    Signers SHOULD sign using rsa-sha256 and SHOULD NOT sign using
    rsa-sha1." might provide enough wiggle room to allow existing code
    time to migrate away from SHA1.

I'm not sure we can downgrade verifier support for sha1. However, I
definitely agree that we could downgrade signing support for sha1.

        Tony Hansen
        tony(_at_)att(_dot_)com
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] Whither 4871bis?, (continued) Re: [ietf-dkim] Whither 4871bis?, Douglas Otis Re: [ietf-dkim] Whither 4871bis?, Michael Thomas Re: [ietf-dkim] Whither 4871bis?, Steve Atkins Re: [ietf-dkim] Whither 4871bis?, Suresh Ramasubramanian Re: [ietf-dkim] Whither 4871bis?, Dave CROCKER Re: [ietf-dkim] Whither 4871bis?, Steve Atkins Re: [ietf-dkim] Whither 4871bis?, John Levine Re: [ietf-dkim] Whither 4871bis?, Hector Santos Re: [ietf-dkim] Whither 4871bis?, Steve Atkins [ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins Re: [ietf-dkim] Features that could be reconsidered: sha1 vs sha256, Tony Hansen <= Re: [ietf-dkim] Features that could be reconsidered: sha1 vs sha256, Suresh Ramasubramanian Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Hector Santos Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Mark Delany Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Hector Santos Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Murray S. Kucherawy Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Dave CROCKER Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, John Levine Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Murray S. Kucherawy Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, Charles Lindsey Re: [ietf-dkim] Features that could be reconsidered as part of the bis process, John Levine

Previous by Date:	[ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins
Next by Date:	Re: [ietf-dkim] Whither 4871bis?, Hector Santos
Previous by Thread:	[ietf-dkim] Features that could be reconsidered as part of the bis process, Steve Atkins
Next by Thread:	Re: [ietf-dkim] Features that could be reconsidered: sha1 vs sha256, Suresh Ramasubramanian
Indexes:	[Date] [Thread] [Top] [All Lists]