[Dcrup] Re: [Ietf-dkim] [standards] [Editorial Errata Reported] RFC8463 (7930)
Viktor Dukhovni <ietf-dane@dukhovni.org> Fri, 17 May 2024 04:02 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78A9DC14F6FD for <dcrup@ietfa.amsl.com>; Thu, 16 May 2024 21:02:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.397
X-Spam-Level:
X-Spam-Status: No, score=-4.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dukhovni.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wwG05oSkwpiG for <dcrup@ietfa.amsl.com>; Thu, 16 May 2024 21:02:25 -0700 (PDT)
Received: from chardros.imrryr.org (chardros.imrryr.org [144.6.86.210]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED2B5C14F712 for <dcrup@ietf.org>; Thu, 16 May 2024 21:02:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dukhovni.org; i=@dukhovni.org; q=dns/txt; s=f8320d6e; t=1715918571; h=date : from : to : subject : message-id : references : mime-version : content-type : in-reply-to : from; bh=m/0wF2RLY4a4/874GVTMixdPS3O2hVc6PSUxPSuJVtI=; b=cZ1HERlmaDQ7TGEBL9ydGDB4Z9DINShQtWv92rbSB29wFfQNy4pVh6FsCZ4hcGybseo6L MLaWXR07WunydDpsGEOmQcX8Docv++TMlCbD/2RglFEG0k5yv1hKX7JrbRmQxFWoT3swaLZ C3JNoFClkC2VIDPt0tYCMcRBK9TV37I=
Received: by chardros.imrryr.org (Postfix, from userid 1000) id 4A8DB893CE0; Fri, 17 May 2024 00:02:51 -0400 (EDT)
Date: Fri, 17 May 2024 00:02:51 -0400
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dcrup@ietf.org
Message-ID: <ZkbW6z2ilRbVj-7S@chardros.imrryr.org>
References: <ZkAOictS1ygyIBZe@chardros.imrryr.org> <20240512005258.N-lL8YIA@steffen%sdaoden.eu> <CAL0qLwYPtxxDhYEjH0D5YkcXBf6Qy6Xcux7PdvFtwhJzpaUxyg@mail.gmail.com> <ACD165BA-9195-480E-9FA0-44A44097E6A8@isdg.net> <20240513203259.hFdFtvyd@steffen%sdaoden.eu> <ZkLM72PMJeWpet5C@chardros.imrryr.org> <20240515001817.saYJ-VOe@steffen%sdaoden.eu> <CDA9C77F-A74A-4303-AE9E-3E71661AA490@isdg.net> <DC85F374-B15C-442C-9F5E-15B4EEA3022D@dukhovni.org> <20240516222922.RlI6iUKT@steffen%sdaoden.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20240516222922.RlI6iUKT@steffen%sdaoden.eu>
Message-ID-Hash: DHXDOMKDWR3AVRC4EPON2IPF7DMCBTQY
X-Message-ID-Hash: DHXDOMKDWR3AVRC4EPON2IPF7DMCBTQY
X-MailFrom: ietf-dane@dukhovni.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dcrup.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Dcrup] Re: [Ietf-dkim] [standards] [Editorial Errata Reported] RFC8463 (7930)
List-Id: DKIM Crypto Update <dcrup.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/F3wezOfZSA29_eyv2YqASdFtuWo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Owner: <mailto:dcrup-owner@ietf.org>
List-Post: <mailto:dcrup@ietf.org>
List-Subscribe: <mailto:dcrup-join@ietf.org>
List-Unsubscribe: <mailto:dcrup-leave@ietf.org>
On Fri, May 17, 2024 at 12:29:22AM +0200, Steffen Nurpmeso wrote: > That is five years and still you need to DKIM-double-sign your > emails, because major email player with which you have to be > compatible to simply do not follow this spec. The "major email players" are focused various business objectives that take precedence over technical nits that no users care about. This has nothing to do with the details of the new Ed25519 spec, and everything to do with RSA + SHA256 being "good enough" for now. Inertia is a fact of life at Internet scale. You are much too fixated on minor details of RFC8436. It may not be perfect, but it makes some sense in light of RFC6376, and lack of Ed25519ph APIs in OpenSSL at the time RFC8463 was written ~six years ago. Support for the plausibly more natural Ed25519ph was added to OpenSSL 3.2 in Nov 2023! And there still isn't an IUF (init, update, final) streaming API for Ed25519ph: only one-shot operation is supported. Signing a precomputed hash with Pure EdDSA is a workable alternative. Best to let it go. I suggest not replying for at least a week, and if, once the urge to immediately reply has cooled down, you have something materially new to add, craft a concise followup, carefully sticking to the essential technical point you're sure has not already been addressed. Over and out. -- Viktor.
- [Dcrup] [Editorial Errata Reported] RFC8463 (7930) RFC Errata System
- [Dcrup] Re: [standards] [Editorial Errata Reporte… John R Levine
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Alessandro Vesely
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… John R Levine
- [Dcrup] Re: [Editorial Errata Reported] RFC8463 (… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Viktor Dukhovni
- [Dcrup] Re: [Editorial Errata Reported] RFC8463 (… Viktor Dukhovni
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… John R Levine
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Viktor Dukhovni
- [Dcrup] Re: [Editorial Errata Reported] RFC8463 (… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Hector Santos
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Alessandro Vesely
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Viktor Dukhovni
- [Dcrup] Re: [Editorial Errata Reported] RFC8463 (… Rebecca VanRheenen
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Alessandro Vesely
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Steffen Nurpmeso
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Viktor Dukhovni
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Steffen Nurpmeso
- [Dcrup] Re: [Ietf-dkim] [standards] [Editorial Er… Hector Santos
- [Dcrup] Re: [Ietf-dkim] [standards] [Editorial Er… Viktor Dukhovni
- [Dcrup] Re: [Ietf-dkim] [standards] [Editorial Er… Steffen Nurpmeso
- [Dcrup] Re: [Ietf-dkim] [standards] [Editorial Er… Viktor Dukhovni
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Murray S. Kucherawy
- [Dcrup] Re: [Editorial Errata Reported] RFC8463 (… Murray S. Kucherawy
- [Dcrup] Re: [Editorial Errata Reported] RFC8463 (… Orie Steele
- [Dcrup] Re: [standards] [Editorial Errata Reporte… Murray S. Kucherawy