Hi Tony,
[I suggest following up on the DKIM WG mailing list]
At 08:07 11-04-2011, Tony Hansen wrote:
The MUSTs *are* redundant with section 3.3's first paragraph. However,
it's still important.
If this section were rewritten, I'd suggest something like this:
h= Acceptable hash algorithms (plain-text; OPTIONAL, defaults to
allowing all algorithms). A colon-separated list of hash
algorithms that might be used.
As stated in section 3.3, Signers and Verifiers MUST
support the "sha256" hash algorithm, and Verifiers MUST also support
the "sha1" hash algorithm. Which algorithms are listed
in h= is an operational choice by the sender.
You are restating a MUST. :-) I agree that it is important. The
problem here is that it still leads to various interpretations due to
the keywords.
I'll try rewriting the text in Section 3.6.1:
h= Acceptable hash algorithms (plain-text; OPTIONAL, defaults to
allowing all algorithms). A colon-separated list of hash
algorithms that might be used. Unrecognized hash algorithms
MUST be ignored.
Please refer to Section 3.3 for a discussion of the hash algorithms
implemented by Signers and Verifiers. Which algorithms are listed
in h= is an operational choice made by the sender.
I kept the MUST in the first paragraph as it is a requirement for
implementations.
Regards,
-sm
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html