Re: [Dcrup] FW: IETF WG state changed for draft-ietf-dcrup-dkim-usage

"John Levine" <johnl@taugh.com> Sun, 13 August 2017 21:20 UTC

Date: Sun, 13 Aug 2017 21:20:32 -0000
Message-ID: <20170813212032.39626.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: dcrup@ietf.org
Cc: superuser@gmail.com
In-Reply-To: <CAL0qLwaB8mdCbYjbzr6T3A5hQw3GnixuB=JhW4Ai8+_C6dEzgg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/3FVHNzgJTjumsuRS35Jh3tGZMr0>
Subject: Re: [Dcrup] FW: IETF WG state changed for draft-ietf-dcrup-dkim-usage
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>

In article <CAL0qLwaB8mdCbYjbzr6T3A5hQw3GnixuB=JhW4Ai8+_C6dEzgg@mail.gmail.com> you write:
>This document will be shown as "updates RFC6376".  Is replacing text in
>RFC6376 the right way to do this?  Or would that not be better left to an
>actual replacement document?  That is, why not just say "MUST NOT
>sign/verify with rsa-sha1", change the state of "sha1" to obsolete, change
>the minimum key size to 1024, and stop?

Having finally reread the draft, I agree, don't update the syntax.

It's fine if a verifier syntactically recognizes rsa-sha1 so long as it
doesn't consider the signature to be valid.  Perhaps it could provoke
an SMTP response like

  554 5.7.20 Fix your signatures if you want people to accept your mail.

Also, I think the status for dead codes is "historic" rather than
"obsolete" but that's up to IANA to make it consistent with other
registries.

R's,
John
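The verifier behaviour John describes (parse rsa-sha1 signatures normally, but never treat them as valid, and apply the 1024-bit minimum) as an added illustration; this is example code written for this archive page, not code from the draft or from any DKIM implementation. The tag-list syntax is RFC 6376's; the sample headers, the `evaluate_signature` function and the `proceed`/`permfail` labels are constructed for the example.

```python
import re

# Policy from the thread: rsa-sha1 is never acceptable, and RSA keys below
# 1024 bits are rejected. rsa-sha256 is the remaining RFC 6376 algorithm.
HISTORIC_ALGORITHMS = {"rsa-sha1"}
ACCEPTED_ALGORITHMS = {"rsa-sha256"}
MIN_RSA_KEY_BITS = 1024

# Constructed sample DKIM-Signature values (hash and signature fields shortened).
SAMPLE_SHA1 = "v=1; a=rsa-sha1; d=example.com; s=sel; h=from:to; bh=abc=; b=def="
SAMPLE_SHA256 = "v=1; a=rsa-sha256; d=example.com; s=sel; h=from:to;\r\n bh=abc=; b=def="


def parse_tag_list(header_value: str) -> dict:
    """Parse a DKIM tag=value list (RFC 6376 section 3.2) into a dict.

    Folding whitespace inside values is removed. Every well-formed tag is kept,
    including a=rsa-sha1, so the signature is still syntactically recognized;
    the policy decision is made separately in evaluate_signature()."""
    tags = {}
    for field in header_value.split(";"):
        field = field.strip()
        if not field:          # trailing ';' is permitted by the grammar
            continue
        name, sep, value = field.partition("=")
        if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9_]*", name.strip()):
            raise ValueError(f"malformed tag: {field!r}")
        tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags


def evaluate_signature(header_value: str, key_bits: int) -> tuple:
    """Return ("proceed", reason) if the signature may go on to cryptographic
    verification, or ("permfail", reason) if policy rules it out first.
    key_bits is the modulus size of the key fetched from DNS (assumed known)."""
    try:
        tags = parse_tag_list(header_value)
    except ValueError as exc:
        return ("permfail", str(exc))
    alg = tags.get("a", "").lower()
    if alg in HISTORIC_ALGORITHMS:
        return ("permfail", f"signature algorithm {alg} is no longer accepted")
    if alg not in ACCEPTED_ALGORITHMS:
        return ("permfail", f"unknown signature algorithm {alg!r}")
    if alg.startswith("rsa-") and key_bits < MIN_RSA_KEY_BITS:
        return ("permfail", f"{key_bits}-bit RSA key is below the "
                            f"{MIN_RSA_KEY_BITS}-bit minimum")
    return ("proceed", "algorithm and key size acceptable")
```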