> [mailto:[EMAIL PROTECTED] On Behalf Of Dave Crocker
> I don't think I understand what it means for a signer to be
> required to support two different "SHOULD" requirements for
> the same function.
>
> Hmmm.
>
> Perhaps there is a distinction between saying that the
> signing implementation MUST *support* a core set of
> algorithms, versus that a signer SHOULD *use* one of them?

We could go with signers SHOULD support at least one of SHA-1 and SHA-256. It could be argued this needs to be a MUST but I am nervous about mandating support for an alg we know is likely to be deprecated before the spec is revved.

For interop we need to make verifier support a MUST.

I would like to know more about the precise patent encumbrances of ECC. I can well imagine that when the time comes to upgrade alg requirements we mandate ECC support. DKIM is a classic application for ECC.
