[ietf-dkim] Features that could be reconsidered: sha1 vs sha256
ops.lists at gmail.com
Sat May 9 19:11:04 PDT 2009
On Sun, May 10, 2009 at 6:19 AM, Tony Hansen <tony at att.com> wrote:
> I'm not sure we can downgrade verifier support for sha1. However, I
> definitely agree that we could downgrade signing support for sha1.
I dont see verifier support for sha-1 going away for quite a while due
to legacy installations. Downgrading or entirely removing (except if
a flag is explicitly set, say) SHA-1 signing is certainly an option.
Suresh Ramasubramanian (ops.lists at gmail.com)
More information about the ietf-dkim