Re: [Dcrup] Review of draft-ietf-dcrup-dkim-crypto-03

Eric Rescorla <ekr@rtfm.com> Mon, 10 July 2017 03:06 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F213313148C for <dcrup@ietfa.amsl.com>; Sun, 9 Jul 2017 20:06:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.618
X-Spam-Level:
X-Spam-Status: No, score=-1.618 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WNXxG4A9Ii12 for <dcrup@ietfa.amsl.com>; Sun, 9 Jul 2017 20:06:34 -0700 (PDT)
Received: from mail-yw0-x22f.google.com (mail-yw0-x22f.google.com [IPv6:2607:f8b0:4002:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75BEB131443 for <dcrup@ietf.org>; Sun, 9 Jul 2017 20:06:34 -0700 (PDT)
Received: by mail-yw0-x22f.google.com with SMTP id x125so30675122ywa.0 for <dcrup@ietf.org>; Sun, 09 Jul 2017 20:06:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Qn+CNZ+bOVnStrTS1zRNUZHAhcDGlbBHrlqsqGkgAEE=; b=anGIHrG5SGL+FzCxGVaogVUWSgg5uV4VsIwkeCQT60mKZFfPiv3B5LprBRzQLoPBtF SgIcQfYpJdOAYNt4MRBB+xR4pFfmhOkEig19Y8ApiO5URGToBJyEhvL53vADidqd2nQb 4Ym2TY2QQuoAFIqUFJ1nu2v/DIMZPmAAymN4mvEMOi7MDtIu77bNcLcADoX+NTKoAKel jrc0g0e3nnCXJfnVMPlkmPjelg3XRrHxrLB060GwVA4Sb/LIdvcQFTA47AK8IJ2e9hHK MRS9c+Uz0n2Uvk9YfEutZ9r1DYUXlLLgW9o/w2ozTOpg2Gx7IF0l33XqvvYBffvhwnw5 OYBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Qn+CNZ+bOVnStrTS1zRNUZHAhcDGlbBHrlqsqGkgAEE=; b=ENAVfzRU43lCRtvhNmoEt+rqBcRvKuDHVeR2dQBON0m2hvfDh3+BjdEZzD4/7QqxXf WqZYioLNRVC5dUqSCs3/PMicY4RMPxLJ4KkG0RTu0eBPs02vBR1yJ5fAjik/8CSGA91k ukjeG3hCcE9CyU7DiCt8DG1FiTqd8Yu3FmZVYIYTWW1cUdWlckzJ4jbL1JRK0go5S81M 7k7fmpEaevZDfymHskgBZApG9ehGwWkN9GkNiv7mVgYO/cRczHVkUmTniaBXT8OPO9lk DWmHdyvi3rb93kSdnLpH35ooRC8N6n+aHkHobKzjrJIc6smia3ImDpOdbxGL1UdoZDS+ iROg==
X-Gm-Message-State: AIVw111ro4KdHV11CB+xoyNcdISA3TtEKmERPlgerzaY6bzlgmm1yPb+ Mz7fp9R0elwILnHvor08/Z2GDs1xTQoL
X-Received: by 10.129.71.69 with SMTP id u66mr10677016ywa.270.1499655993762; Sun, 09 Jul 2017 20:06:33 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.13.215.9 with HTTP; Sun, 9 Jul 2017 20:05:53 -0700 (PDT)
In-Reply-To: <CAOj=BA0W67AGpzRurd8ue8ZhgLesfb6rdnutLy4dVnqwfVSu9A@mail.gmail.com>
References: <CABkgnnW8nnoRGKoJQ4STAcT6CXdWFRCpz0h20hw+ksfw1x0PGg@mail.gmail.com> <6d4b76c9b42848f1b18c42ba22895993@usma1ex-dag1mb1.msg.corp.akamai.com> <CABcZeBM-qh+iW_+Br2URpdjHsLZ_L1xqZWUVirW-8-E7k4cvzg@mail.gmail.com> <564f297f17424f34b4ba1e118ab6f62c@usma1ex-dag1mb1.msg.corp.akamai.com> <D4D564D0-73C6-45CA-9962-33106229DE02@bluepopcorn.net> <220DB06A-E06D-4DAF-ADE6-7536B6E43630@callas.org> <aeee2c9019114d9789a2cd768f0b15e1@usma1ex-dag1mb1.msg.corp.akamai.com> <F16764CE-D4C4-4A48-9779-37BC8C2D1261@bluepopcorn.net> <CADPMZDB03S5ffc3_Ker=h08japc2PGAbch3F=+jRL9ZBjCzs3w@mail.gmail.com> <CABcZeBNnVrgW7J2nr3ds+++Lau4LRxa2EG69vywyBmBu+uzuPw@mail.gmail.com> <CAOj=BA0W67AGpzRurd8ue8ZhgLesfb6rdnutLy4dVnqwfVSu9A@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 09 Jul 2017 20:05:53 -0700
Message-ID: <CABcZeBMfY2TN0rQMt3n8FDSAKOxjkt-nKoWQF7Q2O7nZ4azaaA@mail.gmail.com>
To: Peter Goldstein <peter@valimail.com>
Cc: denis bider <denisbider.ietf@gmail.com>, Jim Fenton <fenton@bluepopcorn.net>, "Salz, Rich" <rsalz@akamai.com>, "dcrup@ietf.org" <dcrup@ietf.org>, Martin Thomson <martin.thomson@gmail.com>, Jon Callas <jon@callas.org>
Content-Type: multipart/alternative; boundary="001a114d71eccb42450553eddebe"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/LTzvjfjgjFp2_OmFP4YSiLkkx4E>
Subject: Re: [Dcrup] Review of draft-ietf-dcrup-dkim-crypto-03
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jul 2017 03:06:36 -0000

On Sun, Jul 9, 2017 at 8:02 PM, Peter Goldstein <peter@valimail.com> wrote:

> Moreover, QC isn't the only possible event that could cause us to wish to
>> have larger keys. There might be a modest improvement in dlog that would
>> make Curve25519 problematic but Curve448 or P-521 comfortable (indeed, this
>> is how we got to the point where we wish to have RSA keys > 1024).
>
>
>>
> Support for larger keys isn't the issue at hand.  The issue is the 255
> character limit imposed by the DNS crudware.  And I think keys for each of
> those curves easily fit under the limit.
>

I'm referring to the claim that hashing doesn't provide any value. For any
curve > 256 bits, it does.


As for QC, I think John's point earlier in the thread isn't that QC will
> require larger keys - but rather than real QC would require fundamental
> reconsideration of DKIM as a whole.
>

It's not clear to me why that would be true, given that the target for
post-quantum algorithms is to have them be drop-in replacements for the
existing algorithms, albeit with inferior performance.

-Ekr


> Best,
>
> Peter
>
> --
>
>
> [image: logo for sig file.png]
>
> Bringing Trust to Email
>
> Peter Goldstein | CTO & Co-Founder
>
> peter@valimail.com
> +1.415.793.5783 <(415)%20793-5783>
>