On Aug 1, 2006, at 5:38 PM, Michael Thomas wrote:
I know that we've gotten a barrage in the last few days but is
there support for having policy for what algorithms a domain uses?
I assume this is to deal with bid-down attacks. I know where we
stand wrt this with -base, but don't remember whether we were given
any guidance wrt -ssp, or whether there was general support for
this in -ssp.
Covering Version, Algorithms, and Query methods may be found in both
"supported" and "always present in conjunction with multiple
signatures" categories. This information may assist with some
transitions away from a flakey system, but the latter case should
also be repeated or perhaps found exclusively within the affected key
in a later revision of base.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
