Folks,
In: <http://mipassoc.org/pipermail/ietf-dkim/2009q2/011959.html> Steve Atkins posted a list of suggested DKIM features to drop. This note is intended to anchor a discussion thread for discusses one of those features, namely: > TXT RR tags > > h: Acceptable hash algorithms > > The spec needs to define the supported set of hash algorithms. There > may be some value in a signer being able to state that they're using > an algorithm that isn't supported, perhaps. > > But unless there is a viable attack such that an attacker can craft a > message that validates correctly against the domain owner public key > using a hash supported by the spec (sha1 or sha256), without access to > the domain owners private key, then there's no need for this to be in > the TXT record. Please discuss arguments for and against dropping this. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html