Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-RT-Original-Encoding: utf-8
X-Mailer: MIME-tools 5.508 (Entity 5.508)
Message-ID: <rt-4.4.1-21225-1508837668-1613.42272-0-0@isc.org>
References: <RT-Ticket-42272@isc.org>
 <rt-4.2.8-34950-1461887060-145.42272-4-0@isc.org>
 <rt-4.4.1-85494-1508735280-1768.42272-4-0@isc.org>
 <20171023082855.GA27755@jurassic.lan.banu.com>
 <rt-4.4.1-85494-1508779281-1715.42272-7-0@isc.org>
 <rt-4.4.1-85494-1508781862-1155.42272-7-0@isc.org>
 <20171023223150.GD29905@jurassic.lan.banu.com>
 <rt-4.4.1-85494-1508797920-709.42272-7-0@isc.org>
 <20171024015635.GA96466@isc.org>
 <rt-4.4.1-85494-1508810200-525.42272-0-0@isc.org>
Content-Disposition: inline
In-Reply-To: <rt-4.4.1-85494-1508810200-525.42272-0-0@isc.org>
X-RT-Interface: Web
RT-Send-CC:
Content-Length: 626

On Tue Oct 24 01:56:40 2017, each@isc.org wrote:
> > Are we in agreement that HMAC-MD5 is the best choice for default?
> 
> I'm guessing you meant "is not"?
> 
> I definitely want the default to change, but since we've already shipped
> beta, it shouldn't change for 9.12. I've pushed code to the branch that
> prints a warning message and promises to change the default in the future.

=> as I pushed alternative to HMAC-MD5 a long time ago you already
know my opinion. BTW most arguments against MD5 are applicable so
will be applied to SHA-1 (or with other words in "no reason at all"
IMHO there is a missing "technical").