[ietf-dkim] agenda item on upgrading hash algorithms?
John R Levine
johnl at iecc.com
Fri Feb 24 08:09:24 PST 2006
> > It seems to me that since DKIM signatures are expected to have short
> > lifetimes and to have only moderate value, and that we've established
> > quite thoroughly that there is not yet an obvious successor to SHA-1,
> > it would be OK simply to note that we'll need something more secure in
> > the future and leave it at that.
> How many times do you want to do this?!
Ideally never, pragmatically, once. If I thought we had enough info to do
it now, I'd agree that we should try to do it now, but we don't.
I don't see a hash upgrade as urgent. Even as SHA-1 becomes easier to
break, it doesn't seem likely that it'll be broken badly enough to make it
possible to put fake signatures on messages at high speed.
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I shook hands with Senators Dole and Inouye," said Tom, disarmingly.
More information about the ietf-dkim