Re: [Dcrup] Deprecating algorithms
"Murray S. Kucherawy" <superuser@gmail.com> Wed, 14 June 2017 11:59 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FD1612EBCD for <dcrup@ietfa.amsl.com>; Wed, 14 Jun 2017 04:59:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KrIhZyVaBtyJ for <dcrup@ietfa.amsl.com>; Wed, 14 Jun 2017 04:59:35 -0700 (PDT)
Received: from mail-vk0-x229.google.com (mail-vk0-x229.google.com [IPv6:2607:f8b0:400c:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A866212EBCC for <dcrup@ietf.org>; Wed, 14 Jun 2017 04:59:35 -0700 (PDT)
Received: by mail-vk0-x229.google.com with SMTP id g66so79374436vki.1 for <dcrup@ietf.org>; Wed, 14 Jun 2017 04:59:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=fA3VBAcilRdAMMVeV4FANHCN+RoDAF5GUvwboLqDk3U=; b=Fo+wEC/TtYMo8mGyQZIo4tY3GQFfbVAWoDlxqJFM42NxorJKc3YKTnfIo6I+5Q/Vbt nyKOzf0coRhEl1lxEfgIocw26DHlJ+8M/Gs65NknvNHpKNV5mnlYIw7eixnw9B6FQyYH VUetgTZes6fTiTKPRLSwxUS0H27OhLKf5Ozuz5mL4u38OHPsD7LrQQfwiWDOF1jBMDNF qGGC4yJwYzNqeDsPAOegoaK8aXgR2GRDz3RXqu9R+UA1gGpJDGEU8FUi/8K43PHpAYQr KN5KWwyx4C/i/4Watchf2sAbcgOZbg0uoGbdeZuEjztBjYoWy7U/iILSOloxPU3i0ilj 2/Sw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=fA3VBAcilRdAMMVeV4FANHCN+RoDAF5GUvwboLqDk3U=; b=qneLHoaRymn6ZXaLpN6Rs3zrqmJg+cJBb1QghKAogwn3PhpnPz+sScA16LDFnZ8LhH CSY/CK0hTBp9aZRFo9/h1ZUduIJgKkZ5pFjfoifj9sYB6OQ4oWDoWgMM4W/fpdjOStbU HdVeYaIEn8MrBmqoqqEI9Pq7WBoSKDLhx6jizHq4BDDPvLDmLqrrc3qOUnUoteJndM5r lo5wiad6dIPl13dgqserUpUrqaWjmIW2GHf+OzcVbuocghe+BkKtE9w0VffXfjdttFR7 jxGQRjAS5p2yoFVohITS58dQttSke06hCDUFg2D70dmht3W0WQ1ExY50xe2cddZW71Yr ikpw==
X-Gm-Message-State: AKS2vOzML2uw0sDMaWO+9h11I8vsvnpMXJOOfZ5/oIzcl+OuJVdGov4q 82TXItwZyDsWwSl36xTnPk8/8zFYwQ==
X-Received: by 10.31.190.145 with SMTP id o139mr113124vkf.35.1497441574832; Wed, 14 Jun 2017 04:59:34 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.126.6 with HTTP; Wed, 14 Jun 2017 04:59:34 -0700 (PDT)
In-Reply-To: <CAL0qLwZyEuGW5BKnvW+ZZwtzDhu8_rq3ZpJd+O4H+Etr-EUruQ@mail.gmail.com>
References: <CAL0qLwZDpGeBgTGZfKLFKq8x7UQeExSUm0JeoHMx1EN-xUmswA@mail.gmail.com> <CABkgnnUgiJHNc2gxORV3qcMLOoLLEB9doSUETpU6ehvM493MwQ@mail.gmail.com> <CAL0qLwZyEuGW5BKnvW+ZZwtzDhu8_rq3ZpJd+O4H+Etr-EUruQ@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Wed, 14 Jun 2017 04:59:34 -0700
Message-ID: <CAL0qLwZ538H9w5b3BhXN-a7LEJieHu_LTO=co3NqMdqse85L=A@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: dcrup@ietf.org, Alexey Melnikov <alexey.melnikov@isode.com>
Content-Type: multipart/alternative; boundary="001a1143991023cf6d0551ea491f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/JWa-uFrdkMj2xeVQmXGeRXYSDv4>
Subject: Re: [Dcrup] Deprecating algorithms
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jun 2017 11:59:38 -0000
On Tue, Jun 13, 2017 at 6:37 PM, Murray S. Kucherawy <superuser@gmail.com> wrote: > On Tue, Jun 13, 2017 at 7:52 AM, Martin Thomson <martin.thomson@gmail.com> > wrote: > > This is a fine thing. Do you want to propose text for the charter? >> > > The diff to the current charter is going to be mighty small, so sure, I'll > do it this week sometime. > Proposed revised charter text. A crypto person should review it to make sure it's not nonsense since I only know enough about crypto to be dangerous. Apologies for the silly wrapping; I fought with the gmail interface to make it pretty and failed. -- snip -- The DKIM Crypto Update (DCRUP) Working Group is chartered to update DomainKeys Identified Mail (DKIM, RFC 6376) to handle more modern cryptographic algorithms and key sizes. DKIM (RFC 6376) signatures include a tag that identifies the hash algorithm and signing algorithm used in the signature. The only current algorithm is RSA, with advice that signing keys should be between 1024 and 2048 bits. While 1024 bit signatures are common, longer signatures are not because bugs in DNS provisioning software prevent publishing longer keys as DNS TXT records. DKIM also currently supports use of SHA1 coupled with RSA. SHA1 has been formally deprecated due to weakness especially when used in the context transport security, though the risk of a successful preimage attack is less severe. Still, the community wishes to discourage its continued use in the DKIM context. DCRUP will consider four types of changes to DKIM: additional signing algorithms such as those based on elliptic curves, changes to key strength advice and requirements, deprecating the use of SHA1, and new public key forms, such as putting the public key in the signature and a hash of the key in the DNS to bypass bugs in DNS provisioning software that prevent publishing longer keys as DNS TXT records. It will limit itself to existing implemented algorithms and key forms. Other changes to DKIM, such as new message canonicalization schemes, are out of scope. The WG will as far as possible avoid changes incompatible with deployed DKIM signers and verifiers.
- [Dcrup] Deprecating algorithms Murray S. Kucherawy
- Re: [Dcrup] Deprecating algorithms Martin Thomson
- Re: [Dcrup] Deprecating algorithms Murray S. Kucherawy
- Re: [Dcrup] Deprecating algorithms Murray S. Kucherawy
- Re: [Dcrup] Deprecating algorithms Kurt Andersen