Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-crypto-03.txt

Eric Rescorla <ekr@rtfm.com> Sun, 02 July 2017 19:18 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99B89126DED for <dcrup@ietfa.amsl.com>; Sun, 2 Jul 2017 12:18:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dax6_VANKHB2 for <dcrup@ietfa.amsl.com>; Sun, 2 Jul 2017 12:18:51 -0700 (PDT)
Received: from mail-yb0-x22c.google.com (mail-yb0-x22c.google.com [IPv6:2607:f8b0:4002:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9D81124234 for <dcrup@ietf.org>; Sun, 2 Jul 2017 12:18:50 -0700 (PDT)
Received: by mail-yb0-x22c.google.com with SMTP id s15so15952560ybe.2 for <dcrup@ietf.org>; Sun, 02 Jul 2017 12:18:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=rKriKGOAJRED9lgmhksOwnPeUvcWdqLn2ROks8tXUAk=; b=HPmlYfwjkGaHGGSe8hOkVHGwpTMpfFSZ2LEiN6IGaK3DmqIIasfhhrJBzUuKluMfW1 RkACr3M4pfzHax+4h4LeWsTEmA1kYHRL6WpxsYe1j3QiFuwTKpn5MVQAkHHv23MJzB4y FtIrysPaopr96rSTpHH44uyiKp5dgoXXVBtUB5X/qfjE0miBAKYIeL22aopc5yWywJ12 kVkB5Lry/k4NqeBUqRP2u3Ktr5WXk41jcb5V/hTki4MJgAgyCwXx/sSuZVzJSFaSFMM4 bRREfz1lUl3v3ROfNK3bWrN3fM74BMk3ofaOw86fewe4jEn7h1+ohD/Tl04Rlf3T4t61 K9UA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=rKriKGOAJRED9lgmhksOwnPeUvcWdqLn2ROks8tXUAk=; b=B6CMk04VFTXE4B1GddzBrkrPiuO5Byn4VrDTvgDD2cDacWASQ97ZqLFSl3lXG0pyde 3CaDWjR/ASuQHCVzLc3mss6CvAHRHwXEBlzAPrzVhXePb24iwuevRMKXanf8urYLWe8n M4bLcAAQ+rYCQl8QIR4C0QHqH5HFunfnr7Tp5Rf9K4ffhpRuvoTKWSmG0fJbajW2quAt g1XnZzHvnt3PYRYg/zsJe9d8gWbpZsE47K5kX9pFXtTDk+bX3MbG3SnevOsKwaGENAGv QNVht98cm/T+lfHRJcGqDJVBxh4z2h/fesZxPV3miBUI6/5nxcRaH0mR5h4FPYG07myd GqCA==
X-Gm-Message-State: AKS2vOw4mjcYHfMmEJAgpZWHvZ/gsw7rAXsmqog/i7wm3U5lzlB/QWUo XaVHY75fDvQdYiSpi4hLyiGU0jjMVq59
X-Received: by 10.37.48.67 with SMTP id w64mr24702901ybw.89.1499023130166; Sun, 02 Jul 2017 12:18:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.13.215.9 with HTTP; Sun, 2 Jul 2017 12:18:09 -0700 (PDT)
In-Reply-To: <alpine.OSX.2.21.1707012341180.70305@ary.qy>
References: <CABcZeBOs1yZ7q3oBgNeVkw=zSQb_SuS4hqK8BH0ebrD5LRYTFg@mail.gmail.com> <20170702025650.55902.qmail@ary.lan> <CABcZeBM4KEr5CEZq4t9BX50btCRPLhZBAtZN18v_6gZ5B-ni5A@mail.gmail.com> <alpine.OSX.2.21.1707012341180.70305@ary.qy>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 02 Jul 2017 12:18:09 -0700
Message-ID: <CABcZeBOLSrYo8mEQ1evyU7CzctV0VF4r7_bX3nA0oxtHCeEgSQ@mail.gmail.com>
To: John R Levine <johnl@taugh.com>
Cc: dcrup@ietf.org
Content-Type: multipart/alternative; boundary="001a114899c42f1c2f05535a856b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/3l2NpAT2dRhBaMuykm1wbkr6KOU>
Subject: Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-crypto-03.txt
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Jul 2017 19:18:53 -0000

On Sat, Jul 1, 2017 at 8:41 PM, John R Levine <johnl@taugh.com> wrote:

> The point of the fingerprints was to make it easier to use long RSA keys.
>>
>> That may have been your point, but when I suggested it, my objective was
>> to
>> future proof the protocol against other algorithms with larger keys as
>> well.
>>
>
> I'm wondering how likely that is.
>

Given that (a) we already have algorithms that are bigger and (b)
post-quantum keys
might be quite a bit bigger, it seems unwise to design under the assumption
that it will
not happen.

-Ekr


>
> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly
>