Hi Tony,

[I suggest following up on the DKIM WG mailing list]

At 08:07 11-04-2011, Tony Hansen wrote:
>The MUSTs *are* redundant with section 3.3's first paragraph. However,
>it's still important.
>
>If this section were rewritten, I'd suggest something like this:
>
> h= Acceptable hash algorithms (plain-text; OPTIONAL, defaults to
> allowing all algorithms). A colon-separated list of hash
> algorithms that might be used.
>
> As stated in section 3.3, Signers and Verifiers MUST
> support the "sha256" hash algorithm, and Verifiers MUST also support
> the "sha1" hash algorithm. Which algorithms are listed
> in h= is an operational choice by the sender.

You are restating a MUST. :-) I agree that it is important. The
problem here is that it still leads to various interpretations due to
the keywords.

I'll try rewriting the text in Section 3.6.1:

   h= Acceptable hash algorithms (plain-text; OPTIONAL, defaults to
   allowing all algorithms). A colon-separated list of hash
   algorithms that might be used. Unrecognized hash algorithms
   MUST be ignored.

   Please refer to Section 3.3 for a discussion of the hash algorithms
   implemented by Signers and Verifiers. Which algorithms are listed
   in h= is an operational choice made by the sender.

I kept the MUST in the first paragraph as it is a requirement for
implementations.

Regards,
-sm
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
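
An added example, not part of the original message and not taken from any DKIM implementation: how a Verifier could apply the h= text proposed above (default allows all algorithms, colon-separated list, unrecognized names ignored) when checking a signature's a= value against a key record. The function names, the constructed key records with placeholder p= values, and the choice that a list left empty after ignoring unrecognized names permits nothing are assumptions of this example; the Verifier is assumed to implement only sha1 and sha256.

```python
# Hash algorithms this hypothetical Verifier implements (the two that the
# quoted text says Verifiers MUST support).
SUPPORTED_HASHES = {"sha1", "sha256"}


def parse_tag_list(record):
    """Split a 'tag=value; tag=value' key record into a dict."""
    tags = {}
    for item in record.split(";"):
        item = item.strip()
        if not item:                      # trailing ';' or empty segment
            continue
        name, sep, value = item.partition("=")  # value may itself contain '='
        name = name.strip()
        if not sep or not name:
            raise ValueError(f"malformed tag: {item!r}")
        if name in tags:                  # a repeated tag makes the record invalid
            raise ValueError(f"duplicate tag: {name!r}")
        tags[name] = value.strip()
    return tags


def acceptable_hashes(record):
    """Hash algorithms this Verifier may accept for signatures made with the key."""
    tags = parse_tag_list(record)
    if "h" not in tags:
        return set(SUPPORTED_HASHES)      # h= absent: defaults to allowing all
    listed = {name.strip() for name in tags["h"].split(":")}
    # Unrecognized names are ignored. Assumption of this example: if nothing
    # recognized remains, nothing is acceptable (no fallback to the default).
    return listed & SUPPORTED_HASHES


def hash_permitted(record, signature_algorithm):
    """signature_algorithm is the signature's a= value, e.g. 'rsa-sha256'."""
    _, _, hash_name = signature_algorithm.partition("-")
    return hash_name in acceptable_hashes(record)


if __name__ == "__main__":
    # Constructed key records; p= values are placeholders, not real keys.
    samples = [
        "v=DKIM1; k=rsa; p=PLACEHOLDER",
        "v=DKIM1; h=sha256; p=PLACEHOLDER",
        "v=DKIM1; h=sha256:sha512; p=PLACEHOLDER",
        "v=DKIM1; h=sha512; p=PLACEHOLDER",
    ]
    for rec in samples:
        for alg in ("rsa-sha1", "rsa-sha256"):
            print(f"{rec!r:45} {alg:11} permitted={hash_permitted(rec, alg)}")
```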