On 29 Jul 2015, at 20:16, John Hardin wrote:
On Wed, 29 Jul 2015, Bill Cole wrote:
On 29 Jul 2015, at 18:56, David B Funk wrote:
IE the DNS system is always case-insensitive
...
The difference between DNS being specified as case-insensitive
...which restores my question about collisions based on
case-insensitive comparison of base64 strings in DNS lookups.
A MD5 hash is 128 bits. How you represent those bytes depends on your
needs. One common form is 32 hex digits, although base64 is used for MD5
password hashes, which I guess is what you're thinking of. Hex digits
are entirely case-squashable. MD5 is probably good enough for generating
DNS labels from email addresses and 32 characters isn't an onerous DNS
label. SHA1 would be a bit better and 40 characters isn't a problem
either. I bet a real cryptographer could prove that the limits on
local-parts make crafted hash collision on either MD5 or SHA1 impossible
in this application.
Which still doesn't mean the whole concept isn't bonkers.
