Discussion about Cancel-Lock support

Russ Allbery eagle at eyrie.org
Mon Dec 7 00:26:00 UTC 2020

Julien ÉLIE <julien at trigofacile.com> writes:

>> My inclination would be to support all of the non-MD5 algorithms for
>> verification but only generate SHA-256.  I don't think there's much
>> gained by using the other algorithms.

>> It looks like Gnus still only supports SHA-1.

> For interoperability reasons, it seems that we'll have to handle a
> transition period, and generate two hashes for each message (SHA-1 and
> SHA-256).  And support all of the non-MD5 algorithms to verify cancel
> keys.

On the generate side, I think it only matters what other servers support,
and I have no feel for what server support is out there and thus whether
we need a transition period for that part.  (What we generate won't matter
for Gnus, since it won't have the secret keys for those hashes anyway.)

Agreed on the verification side.

Russ Allbery (eagle at eyrie.org)             <https://www.eyrie.org/~eagle/>

    Please send questions to the list rather than mailing me directly.
     <https://www.eyrie.org/~eagle/faqs/questions.html> explains why.

More information about the inn-workers mailing list