> The DOI has always listed both SHA-1 and MD5 as MUST implement. I thought so. I presume it's the 96-bit truncated version of those, right? Dan