At 20:50 16-08-2007, Adam Gibson wrote: >What I was really trying to get at though is that if distributions >decide to add this today and make it easier for people to install (RPM, >etc) then they will end up using the openssl that is included by >default. For that reason I was just curious how wide spread the usage >of sha256 is used. I was just surprised that sendmail.net would use >sha256 when other setups might not work with it and the sendmail.net >server is what the docs say to test your setup with.
For security reasons it's better to use sha256. That choice is not dictated by what is available on widely deployed operating systems. You have the option of compiling against a SSL library that has sha256 support. Dkim-milter implements RFC 4871. The specification recommends that Signers should sign using rsa-sha256. It also recommends that Verifiers must implement rsa-sha256. Regards, -sm ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
