Re: draft-ietf-secsh-dns-01.txt Fingerprint digest alg

To: jon%siliconcircus.com@localhost
Subject: Re: draft-ietf-secsh-dns-01.txt Fingerprint digest alg
From: Jakob Schlyter <jakob%crt.se@localhost>
Date: Thu, 7 Nov 2002 16:43:37 +0100 (CET)

On Thu, 7 Nov 2002 jon%siliconcircus.com@localhost wrote:

> Wouldn't backwards compatibility be better served by requiring SHA1 and
> additionally recommending MD5 be provided?

there is nothing to be backwards compatible with since sshfp isn't yet
deployed.

users will not verify the fingerprints distributed with sshfp themselves,
their software will. why? since without dnssec validation, sshfp is
practically useless and verifying the dnssec signature of the sshfp
manually isn't doable.

	jakob

-- 
Jakob Schlyter <jakob%crt.se@localhost>                Network Analyst
Phone:  +46 31 701 42 13, +46 70 595 07 94   Carlstedt Research & Technology

References:
- Re: draft-ietf-secsh-dns-01.txt Fingerprint digest alg
  - From: jon

Prev by Date: Re: draft-ietf-secsh-dns-01.txt Fingerprint digest alg
Next by Date: Note Well Statement
Previous by Thread: Re: draft-ietf-secsh-dns-01.txt Fingerprint digest alg
Next by Thread: Re: draft-ietf-secsh-dns-01.txt Fingerprint digest alg
Indexes:

Home | Main Index | Thread Index | Old Index