Section 3.3 has the phrase

   Verifiers MUST implement rsa-sha256

Implementers will understand that they can get away with a verifier that does not implement rsa-sha1. Their verifier would then return PERMFAIL for the sha1-signed newsletter in the following informative note. I suggest clarifying this as follows:

   INFORMATIVE NOTE: Although sha256 is strongly encouraged, some senders of low-security messages (such as routine newsletters) may prefer to use sha1 because of reduced CPU requirements to compute a sha1 hash. MTAs whose verifiers don't implement rsa-sha1 will treat these messages as if they were not signed. In general, sha256 should always be used whenever possible.

See also http://mipassoc.org/pipermail/ietf-dkim/2011q1/015464.html (which was written at a time when verifiers were mandated to implement both sha digests).

This change is meant to prevent that kind of misunderstanding.
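
The behaviour discussed above, as an added example that is not part of the original message or of any DKIM implementation: a verifier that implements only rsa-sha256 checks the a= tag before doing any crypto, so a message whose only signature is rsa-sha1 ends up handled as unsigned. The function names, PERMFAIL detail strings and sample signature values are constructed for illustration; the example also covers a dual-signed message, which the message does not mention.

```python
import re

# Assumption: this verifier build ships only rsa-sha256.
IMPLEMENTED = {"rsa-sha256"}

# Constructed DKIM-Signature values (bh=/b= are placeholders, not real data).
SHA1_SIG = ("v=1; a=rsa-sha1; d=example.com; s=news;\r\n"
            "\th=from:subject; bh=AAAA=; b=BBBB=")
SHA256_SIG = "v=1; a=rsa-sha256; d=example.com; s=main; h=from; bh=CCCC=; b=DDDD="


def parse_tag_list(value):
    """Parse a DKIM-Signature tag=value list into a dict."""
    tags = {}
    unfolded = re.sub(r"\r?\n[ \t]+", " ", value)  # undo header folding
    for item in unfolded.split(";"):
        if not item.strip():
            continue  # a trailing ';' is allowed
        name, sep, val = item.partition("=")  # base64 '=' padding stays in val
        name = name.strip()
        if not sep or not name:
            raise ValueError("malformed tag: %r" % item.strip())
        if name in tags:
            raise ValueError("duplicate tag: " + name)
        tags[name] = val.strip()
    return tags


def check_algorithm(sig_value, implemented=IMPLEMENTED):
    """Return (status, detail) for one signature, before key lookup or hashing."""
    try:
        tags = parse_tag_list(sig_value)
    except ValueError as exc:
        return ("PERMFAIL", str(exc))
    algo = tags.get("a")
    if algo is None:
        return ("PERMFAIL", "missing a= tag")
    if algo not in implemented:
        return ("PERMFAIL", "unsupported algorithm " + algo)
    return ("CONTINUE", algo)  # proceed to key retrieval and verification


def message_disposition(sig_values, implemented=IMPLEMENTED):
    """Decide how the MTA handles a message given all its DKIM-Signature values."""
    results = [check_algorithm(v, implemented) for v in sig_values]
    if any(status == "CONTINUE" for status, _ in results):
        return "verify", results
    # No signature uses an implemented algorithm: handle as if unsigned.
    return "treat-as-unsigned", results
```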
