ned+ietf-smtp(_at_)mrochek(_dot_)com wrote:
Hash function agility. Recent experience has shown that hard coding a
specific hash function in an application is a really bad idea. (MD5 in
particular is sufficiently broken at this point that using it in any
new application is essentially a nonstarter, but SHA-1 or even SHA-256
should not be hard coded either.)
Somewhat OT, but maybe you confused "hash" and "cryptographic hash" (?)
For the purpose discussed here you have a fixed right hand side, and we
can (arbitrarily) say that this can be restricted to max. 50 characters.
That gives us about 200 octets to "encode" a hash of a complete address,
let's say four labels of length 50. To avoid trouble we can limit these
labels to a variant of B32 char.s (we're not forced to use LDH labels),
so that gives us about 5 * 200 = 1000 bits. MD5 isn't long enough for
1000 bits, it would result in more collisions than necessary.
But I've another objection to this idea: For the example "New Orleans
is down", where are the name servers answering these queries from the
backup MX ? If the name servers are also down it won't work when it's
needed.
Frank