Folks,
In:
<http://mipassoc.org/pipermail/ietf-dkim/2009q2/011959.html>
Steve Atkins posted a list of suggested DKIM features to drop.
This note is intended to anchor a discussion thread for one of those
features, namely:
TXT RR tags
h: Acceptable hash algorithms
The spec needs to define the supported set of hash algorithms. There
may be some value in a signer being able to state that they're using
an algorithm that isn't supported, perhaps.
But unless there is a viable attack such that an attacker can craft a
message that validates correctly against the domain owner public key
using a hash supported by the spec (sha1 or sha256), without access to
the domain owner's private key, then there's no need for this to be in
the TXT record.
Please discuss arguments for and against dropping this.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
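
For reference, an added example that is not part of the original post and is not taken from any DKIM implementation: a minimal sketch of the verifier-side check that the h= tag drives, comparing the hash named in a signature's a= tag against the key record's h= list as RFC 4871 describes it. The function names and the sample key records are constructed for illustration.

```python
# Added illustration; tag names (h= in the key record, a= in the
# DKIM-Signature header) follow RFC 4871. Function names are hypothetical.

def parse_tags(record):
    """Parse a DKIM tag=value list into a dict, ignoring surrounding whitespace."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing semicolon
        name, sep, value = part.partition("=")  # first "=" only: p= may end in "="
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        tags[name.strip()] = value.strip()
    return tags


def hash_permitted(key_record, signature_algorithm):
    """Return True if the key record's h= tag allows the signature's hash.

    signature_algorithm is the a= value from the signature, e.g. "rsa-sha256".
    A key record without an h= tag allows every hash algorithm.
    """
    tags = parse_tags(key_record)
    _, sep, sig_hash = signature_algorithm.partition("-")
    if not sep or not sig_hash:
        raise ValueError(f"malformed a= value: {signature_algorithm!r}")
    if "h" not in tags:
        return True
    # h= is a colon-separated list; whitespace around the colons is allowed.
    allowed = {h.strip() for h in tags["h"].split(":") if h.strip()}
    return sig_hash in allowed


# Constructed sample key records; the p= values are placeholders, not real keys.
KEY_SHA256_ONLY = "v=DKIM1; h=sha256; k=rsa; p=PLACEHOLDERKEY"
KEY_NO_H_TAG = "v=DKIM1; k=rsa; p=PLACEHOLDERKEY"
KEY_BOTH = "v=DKIM1; h=sha1 : sha256; p=PLACEHOLDERKEY=="

if __name__ == "__main__":
    for record in (KEY_SHA256_ONLY, KEY_NO_H_TAG, KEY_BOTH):
        for alg in ("rsa-sha1", "rsa-sha256"):
            print(f"a={alg:<11} permitted={hash_permitted(record, alg)!s:<5} {record}")
```

Dropping h= from the key record would make every record behave like `KEY_NO_H_TAG`: the verifier would accept any hash algorithm the specification supports.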