On 4 Mar 2008 at 13:31, Murray S. Kucherawy wrote:
> On Tue, 4 Mar 2008, SM wrote: > >> Actually it will run, but RFC4871 is pretty strong in its language about > >> using rsa-sha256 other than in exceptional circumstances. > > > > rsa-sha256 is a MUST for verifiers. Doesn't dkim-milter test for that? > > Ah, you're right. I suppose if I am to enforce the spec in software, the > filter should force itself into sign-only mode if only SHA1 is available. > > Is this a good idea? If the operation mode was defaulted then yes (with a log message of course). If verify specifically requested, then generate an error and terminate. ...don support (at) microtechniques.com ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
