[ietf-dkim] New IANA considerations: standards track or just RFC?
jon at callas.org
Wed Jan 24 13:33:09 PST 2007
-----BEGIN PGP SIGNED MESSAGE-----
On Jan 23, 2007, at 4:21 PM, Jim Fenton wrote:
> I generally agree with "RFC only", but haven't thought about all
> eight of the registries that -base asks to have created. It's not
> clear that we want to do this with all of them. For example, we
> might want to set a higher bar for the signature or hash algorithm
> than for creation of a new signature tag.
To be something of a devil's advocate on this, why? A nice property
of signatures is that there is pressure on the verifier either to
create them maximally interoperably, or accept that some people won't
be able to verify them.
As a verifier, if I start seeing signatures with a hash that I don't
speak (or think is not secure), I just consider the message to be
unsigned or bogusly signed. No problem.
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.5.2
-----END PGP SIGNATURE-----
More information about the ietf-dkim