Stephen Farrell wrote: > The point that DKIM signatures aren't meant to be high assurance is > also valid. However, sha-1 has been *seriously* weakened: 2^63 is a > lot less than 2^80, and such problems only ever get worse by > definition. So there is reason to think about whether it'd be ok > or not, were most instances of DKIM signatures to use sha-1. According to a colleague attending RSA, someone has gotten SHA-1 down to 2^61.
Eliot _______________________________________________ NOTE WELL: This list operates according to http://dkim.org/ietf-list-rules.html
