Hi Tony, [I suggest following up on the DKIM WG mailing list]
At 08:07 11-04-2011, Tony Hansen wrote: >The MUSTs *are* redundant with section 3.3's first paragraph. However, >it's still important. > >If this section were rewritten, I'd suggest something like this: > > h= Acceptable hash algorithms (plain-text; OPTIONAL, defaults to > allowing all algorithms). A colon-separated list of hash > algorithms that might be used. > > As stated in section 3.3, Signers and Verifiers MUST > support the "sha256" hash algorithm, and Verifiers MUST also support > the "sha1" hash algorithm. Which algorithms are listed > in h= is an operational choice by the sender. You are restating a MUST. :-) I agree that it is important. The problem here is that it still leads to various interpretations due to the keywords. I'll try rewriting the text in Section 3.6.1: h= Acceptable hash algorithms (plain-text; OPTIONAL, defaults to allowing all algorithms). A colon-separated list of hash algorithms that might be used. Unrecognized hash algorithms MUST be ignored. Please refer to Section 3.3 for a discussion of the hash algorithms implemented by Signers and Verifiers. Which algorithms are listed in h= is an operational choice made by the sender. I kept the MUST in the first paragraph as it is a requirement for implementations. Regards, -sm _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html