On Wed, Mar 22, 2006 at 10:01:27PM -0600, Arvel Hathcock allegedly wrote: > Would it be possible/wise to just not do this incompatible change when > signing with sha1? Since we are not going to recommend sha1 as the hash
That could work of course, but I don't think it's an ideal way of doing it in such a new protocol as that approach effectively makes the algorithm choice a surrogate version. if a=rsa1 then interpret rest of content in this way if a!=rsa1 then interpret rest of content in another way Six months down the road we have the same discussion about some other compatibility issue and someone suggests that an l=-1 (just as an example) might suffice to indicate the old way of doing things. Then you have: if a=rsa1 and l=-1 then interpret rest of content in way One if a=rsa1 and l!=-1 then interpret rest of content way Two if a!=rsa1 and l=-1 then interpret rest of content in way Three if a!=rsa1 and l!=-1 then interpret rest of content in way Four etc, etc. It's not clear to me that DKIM has so much inertia that we need to accrete these sort of contortions yet. Mark. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
