IETF Logo Mail Archive

Re: [Dcrup] Working Group Last Call for draft-ietf-dcrup-dkim-crypto

"Murray S. Kucherawy" <superuser@gmail.com> Mon, 18 December 2017 17:42 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 798F6124B18 for <dcrup@ietfa.amsl.com>; Mon, 18 Dec 2017 09:42:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.099
X-Spam-Level:
X-Spam-Status: No, score=-0.099 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CcnrVDrG8tB for <dcrup@ietfa.amsl.com>; Mon, 18 Dec 2017 09:42:42 -0800 (PST)
Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D9951200F1 for <dcrup@ietf.org>; Mon, 18 Dec 2017 09:42:42 -0800 (PST)
Received: by mail-qt0-x235.google.com with SMTP id a16so21015300qtj.3 for <dcrup@ietf.org>; Mon, 18 Dec 2017 09:42:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=GRjNwzj8c9uSbvg29kSsAwlMLgl73e1cisHPN9FKgTg=; b=DdHHdnLHnkP2S41ErQji7sePX0E7PTJ52PBmgs8MMIjrDfndl87kRcvbc3MsBuUuzr 1GbRMzLDyHovz77KL0CJVyYqqQsArxNIiFDDjdPHG3gx3SqHicOjehJ+r+1aPJBoonjr hkj1bjqUyrt0eO8Zjnyiu1dmA9GB0dsQtwDxZtNqzvshDVSV2XQmb9lBHycg0C/YyGWO PHhiRj6j9EDrcru2THXqu7bR8RIVDZwPNtWi2oiR2ht9GQzFLeQOAWKQxAjKQUkVZZyX CDKw5aWiIMNP7dAePfxlhvTKI7X/DpGVZ3jnZe5XNe1+cqfdI/maqOupGUtuRjplbd75 lyKw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=GRjNwzj8c9uSbvg29kSsAwlMLgl73e1cisHPN9FKgTg=; b=UxEDyPOvmtEvkVRpa+B09KgjtBF5+8XZdIbclZBpRi0r1BkkgsGfEgoTtFoDCSgLCd 11K+kCQR9CZY2JwJdNoMFm7IvgsJ0rt1vDz4QmgE3EOmq366yyzaFqqUHIf6lgXwHRgU KJLgIF7pmotjJlRtTgw9i5/cv0gylokrpV4OAXAZfSQE/QLRZ+Up6qdVGh7fazjv1F7S OJKfAC3HUa5VPbtC4ZKL5n3n3g+rk5QfieEXR+hDc3klGCd6TYMTkuJgiCfjv4xXlfdI qMv2arcKjBxnhxcCL5Wtw62BDGOpu/CG8PhEmT7k604WOzt9S0toWRsf1i/PFNkOY4B8 t1/A==
X-Gm-Message-State: AKGB3mKFiPn8PsL88PMclg4qojpZXCF669Q9iunOFT3G8YpbJvK92KKm zGTO4FsVPj91jkyV7KVQF9QhqA7fBt6oO3LcnG1Q4g==
X-Google-Smtp-Source: ACJfBots482ihHh8M5xSF0eNs17j91Wtx7FY2NjkvoQZCzAUHfAV8fWRw5a8n46/oWQPmNfkaFFqUur0uWHoSm0FkPs=
X-Received: by 10.237.53.172 with SMTP id c41mr629487qte.191.1513618961463; Mon, 18 Dec 2017 09:42:41 -0800 (PST)
MIME-Version: 1.0
Received: by 10.237.33.1 with HTTP; Mon, 18 Dec 2017 09:42:40 -0800 (PST)
In-Reply-To: <2005843.OrHkAfkQ5T@kitterma-e6430>
References: <CAL0qLwb_WHM_e2odpc6gL2birKvVCKGpTpnW0oO_OUqWwFuo_g@mail.gmail.com> <2005843.OrHkAfkQ5T@kitterma-e6430>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Mon, 18 Dec 2017 09:42:40 -0800
Message-ID: <CAL0qLwYm-Qq=+vZhbiJWB0p5W_pFWcqS5ch1czTwQ+o6YccQrg@mail.gmail.com>
To: Scott Kitterman <sklist@kitterman.com>
Cc: dcrup@ietf.org
Content-Type: multipart/alternative; boundary="001a1130c10285ffff0560a0e048"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/AWxHKZAhUFv_z959JV6Y72vLz9Q>
Subject: Re: [Dcrup] Working Group Last Call for draft-ietf-dcrup-dkim-crypto
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Dec 2017 17:42:44 -0000

Colleagues,

WGLC has completed and this is sadly the only feedback we received.  I will
do a chair's review today, but it would be really helpful to have some more
reviewers to comment on this before we send it to Alexey.

Simultaneously: John, your comments in reply to this?

-MSK


On Fri, Dec 1, 2017 at 3:57 PM, Scott Kitterman <sklist@kitterman.com>
wrote:

> On Friday, December 01, 2017 11:45:50 AM Murray S. Kucherawy wrote:
> > Colleagues,
> >
> > We hereby begin Working Group Last Call for draft-ietf-dcrup-dkim-crypto,
> > to end December 15th.  Please review the document and post the
> (preferably
> > at least somewhat detailed) results of your reviews to the list or to the
> > chairs and author by end of that day.  Assuming no major revisions or
> > discussion are needed, we hope to have this shipped to Alexey by the
> > beginning of the December holidays.
>
> I've reviewed the document (and started working on implementation).  I
> think
> it is generally ready to go, but I have four comments:
>
> 1.  The existing RFC 6376 signature algorithms specify what to use for
> hash-
> alg.  That's missing from the Ed25519-SHA256 definition in section 3.  As
> implied by the name (and discussed on the list), the hash-alg should be
> SHA256.  Recommend replacing the leading sentence phrase in section 3 with:
>
> The Ed25519-SHA256 Signing Algorithm computes a message hash as described
> in
> Section 3.7  of [RFC6376] using SHA-256 [FIPS-180-3-2008] as the hash-alg,
> ...
>
> This matches the way other signing algorithms are described in RFC 6376.
>
> 2.  For clarity, per some of the IETF LC feedback on draft-ietf-dcrup-dkim-
> usage, recommend adding after the main body of section 3 and before the
> note:
>
> This is an additional DKIM signature algorithm added to Section 3.3 of
> [RFC6376] as envisioned in Section 3.3.4 of [RFC6376].
>
> 3.  Private key storage format
>
> Unlike RSA, Ed25519 does not appear to have a standardized textual
> format.  I
> think it might make sense to specify that for DKIM Ed25519 purposes the
> private key is stored as the base64 encoded output of the RFC 8032 Section
> 5.1.5 private key generation processes.  This would provide a (slightly)
> human
> readable private key representation that could be used by different
> implementations so that operators can safely switch implementations without
> regenerating keys and that are more understandable for trouble shooting
> purposes.
>
> 4.  Examples
>
> It would be nice to have at least one signing example for implementers to
> use
> to verify correctness.  I currently have either a signing bug or a
> verification bug in my work and I'm not sure which.  If I had a known
> correct
> example to bounce my signing results against, that would help a lot.
>
> Scott K
>
> _______________________________________________
> Dcrup mailing list
> Dcrup@ietf.org
> https://www.ietf.org/mailman/listinfo/dcrup
>

v2.23.0 | Report a Bug | By Email