Re: [dane] Digest Algorithm Agility discussion

Viktor Dukhovni <> Mon, 17 March 2014 19:00 UTC

On Mon, Mar 17, 2014 at 02:46:41PM -0400, Paul Wouters wrote:

> >My proposal modifies the pseudo-code
> >to loop over only those records (for each usage/selector) with the
> >strongest digest plus any records with matching type 0.
> So I agree with you that is the right approach. I am not sure if I
> agree that we should try and write that into an RFC other than
> "according to local policy".
> but the text should clearly not be like 6698, that would technically
> violate the RFC if your method of local policy is implemented.

The motivation to publish the proposed digest algorithm agility
algorithm is to encourage (coerce) server operators to make sure
that they always use "cross product" TLSA RRsets:

    for each usage
        for each selector (for that usage)
            for each supported digest
                for each object (of given usage and selector)
                    publish usage selector mtype(digest) {digest(object)}

since the set of digests is the same for every object, it is safe
to ignore any subset of the non-zero mtypes.

Now this is in some sense already implied by 6698 since the server
operator does not know which digests might be excluded by a 6698
4.1 local policy.  The goal is to both highlight this requirement,
and to encourage (require) clients to implement agility rather than
leave it to the implementor's imagination.

In Postfix, users get to configure which digests are acceptable
and their priority.  The default is to support both SHA2-256 and
SHA2-512 and to prefer the latter.
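
Added example, not part of the original message and not Postfix code: a Python sketch of the cross-product publication and the client-side filter discussed in this thread (per usage/selector, keep only the strongest-digest records plus matching type 0), showing what happens when an RRset is not a cross product. The function names, the preference tuple and the sample key bytes are assumptions; matching types 1 and 2 are the RFC 6698 values for SHA2-256 and SHA2-512.

```python
import hashlib
from collections import defaultdict

# RFC 6698 matching types: 0 = full data, 1 = SHA2-256, 2 = SHA2-512
DIGESTS = {1: hashlib.sha256, 2: hashlib.sha512}

def publish(objects, mtypes=(1, 2)):
    """Server side: cross-product RRset, every object under every digest.
    objects: iterable of (usage, selector, data_bytes)."""
    return [(u, s, m, DIGESTS[m](data).hexdigest())
            for (u, s, data) in objects for m in mtypes]

def agile_filter(rrset, preference=(2, 1)):
    """Client side: per (usage, selector), keep only records that use the most
    preferred digest present, plus all mtype 0 records.
    preference lists acceptable mtypes, strongest first (assumed local policy)."""
    groups = defaultdict(list)
    for rr in rrset:
        groups[rr[0], rr[1]].append(rr)
    kept = []
    for rrs in groups.values():
        present = {rr[2] for rr in rrs}
        best = next((m for m in preference if m in present), None)
        kept += [rr for rr in rrs if rr[2] == 0 or rr[2] == best]
    return kept

def matches(rrset, usage, selector, data):
    """True if data matches any record of the given usage and selector."""
    for (u, s, m, value) in rrset:
        if (u, s) != (usage, selector):
            continue
        candidate = data.hex() if m == 0 else DIGESTS[m](data).hexdigest()
        if candidate == value:
            return True
    return False

# Constructed sample objects standing in for a current and a next key
# (usage 3, selector 1); not real key material.
CUR, NEXT = b"constructed-current-spki", b"constructed-next-spki"
full = publish([(3, 1, CUR), (3, 1, NEXT)])
# Not a cross product: the next key is published under SHA2-256 only.
partial = [rr for rr in full
           if not (rr[2] == 2 and rr[3] == hashlib.sha512(NEXT).hexdigest())]

if __name__ == "__main__":
    for name, rrset in (("cross product", full), ("partial", partial)):
        kept = agile_filter(rrset)
        print(name, [matches(kept, 3, 1, k) for k in (CUR, NEXT)])
```

With the partial RRset the filter keeps only the SHA2-512 record for the current key, so the next key no longer matches; adding a type 0 record for it restores the match.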