[ietf-dkim] agenda item on upgrading hash algorithms?
pbaker at verisign.com
Wed Feb 22 18:16:45 PST 2006
> [mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Mark Delany
> Me three. As a long-time implementor I suck at getting
> un-exercised code right. I'd much prefer agility to be
> essential to a day one deployment, as it'll otherwise never work.
The only downside is that this does render the legacy base obsolete. But
this is probably not such a great hardship. It might even be a benefit
as people are more likely to upgrade for higher security.
The only concern I have here is if moving to SHA 256 might create
problems with crypto acceleration hardware. I don't think it should, the
hash is usually done on thehost processor rather than the cryptobox, but
I would be happier if folk could confirm that this is the case.
More information about the ietf-dkim