ietf-dkim

Re: [ietf-dkim] Issue: Section 4.3 Hash method Note

2011-04-25 18:54:13
On 04/25/2011 01:57 PM, Barry Leiba wrote:
Dave further tweaks:
   
      INFORMATIVE NOTE: Although use of rsa-sha256 is strongly encouraged,
      some senders might prefer to use rsa-sha1 when balancing security
      strength against performance, complexity, or other needs.  However,
      compliant verifiers might not implement rsa-sha1; they will treat
      such messages as unsigned.
     
WFM.
   

This seems rather extreme. Last thing I've heard is that
SHA1 has been shown to have a weakness, but it hasn't
been broken. Given that we're using unsecured DNS to
deliver public keys, this seems like a hysterical
overreaction.

Mike
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html