diff --git a/NewMutableEncodingDesign.md b/NewMutableEncodingDesign.md
index 0ebf21e..8c66dff 100644
--- a/NewMutableEncodingDesign.md
+++ b/NewMutableEncodingDesign.md
@@ -46,8 +46,8 @@ directly in the filecap, simplifying the design considerably.
 
 ## Filecap Length
 
-A likely security parameter K (=kappa) would be 96 or 128 bits, and most of
-the filecaps will be some multiple of K.
+A likely security parameter K (=kappa) would be 96, 128, or 160 bits, and most of
+the filecaps will be some multiple of K. [96 bits is too short IMHO --David-Sarah]
 
 Assuming a `tahoe:` prefix and no additional metadata, here's what
 various lengths of base62-encoded filecaps would look like:
@@ -55,25 +55,34 @@ various lengths of base62-encoded filecaps would look like:
  * 1*K:
   * 96 `tahoe:14efs6T5YNim0vDVV`
   * 128 `tahoe:4V2uIYVX0PcHu9fQrJ3GSH`
+  * 160 `tahoe:8gdR7Epld72UvkF6Pe9hhT8NQx3`
  * 2*K:
   * 192 `tahoe:072Og6e75IOP9ZZsbR1Twjs6X5xXJnBAF`
   * 256 `tahoe:fZeioazoWrO62reiAjzUAyV0uz3ssh6Hnanv8cKMClY`
+  * 320 `tahoe:j6Re0BbWp7DqJtgd9fUXl4pWiD5kr1mjT9DtudJ72o0vhPen83Utza`
  * 3*K:
   * 288 `tahoe:11DriaxD9nipA10ueBvv5uoMoehvxgPerpQiXyvMPeiUUdtf6`
   * 384 `tahoe:3a31SqUbf8fpWE1opRCT3coDhRqTU7bDU2AvC3RQJBu6ZNFhVscyxA9slYtPVT79x`
+  * 480 `tahoe:P6rGeI6CwlG4i8W2l6haSoC9rfPjw0KHBi8xAk4F8vdhnRhL8nwE27CitJ9Rld06HuKt8VucypJRcbGFo`
 
 Adding 2 metadata characters and a clear separator gives us:
 
  * 96: `tahoe:MW-14efs6T5YNim0vDVV`
  * 128: `tahoe:DW-4V2uIYVX0PcHu9fQrJ3GSH`
+ * 160: `tahoe:DW-8gdR7Epld72UvkF6Pe9hhT8NQx3`
  * 192: `tahoe:MR-072Og6e75IOP9ZZsbR1Twjs6X5xXJnBAF`
  * 256: `tahoe:DR-fZeioazoWrO62reiAjzUAyV0uz3ssh6Hnanv8cKMClY`
  * 288: `tahoe:MR-11DriaxD9nipA10ueBvv5uoMoehvxgPerpQiXyvMPeiUUdtf6`
- * 384: `tahoe:MR-3a31SqUbf8fpWE1opRCT3coDhRqTU7bDU2AvC3RQJBu6ZNFhVscyxA9slYtPVT79x`
+ * 320: `tahoe:MV-j6Re0BbWp7DqJtgd9fUXl4pWiD5kr1mjT9DtudJ72o0vhPen83Utza`
+ * 384: `tahoe:DV-3a31SqUbf8fpWE1opRCT3coDhRqTU7bDU2AvC3RQJBu6ZNFhVscyxA9slYtPVT79x`
+ * 480: `tahoe:MV-P6rGeI6CwlG4i8W2l6haSoC9rfPjw0KHBi8xAk4F8vdhnRhL8nwE27CitJ9Rld06HuKt8VucypJRcbGFo`
 
 [#217:c44](http://allmydata.org/trac/tahoe/ticket/217#comment:44) says that,
 if we don't need to prevent collisions, then we can use a K-bit hash for
-K-bit second-pre-image resistance.
+K-bit second-pre-image resistance. However, see
+[#882:c6](http://allmydata.org/trac/tahoe/ticket/882#comment:6) for a
+counterargument saying that 50 extra bits or so are needed to be secure
+against multi-target attacks.
 
 # Design Proposals