On 7 November 2011 22:22, SM wrote: > From Section 2:
> "4. Compute a digest of that string with any > hashing/digest algorithm such as SHA1" > A reference to RFC 6234 could be added for "SHA". IMHO any hash including I-D.eastlake-fnv and MD5 will do. The redaction I-D does not claim that SHA-1 is still considered as a "secure hash", if I understood the I-D correctly, it only suggests to use something more convoluted than "xxxxxx". > My reading is that the algorithm is to only > redact the local-part of an email address > (message header and body). NAK, the sensitive part of [email protected] could be "catchall" instead of "anything". > The title could be "redaction of email addresses > from mail abuse reports". For "John Doe" <[email protected]> the private stuff could be "John Doe", "secret", and "catchall". In the EU this is anyway governed by privacy laws. Static IPs can be also private data, this is not only about email addresses. -Frank _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
