Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-crypto-03.txt

"John Levine" <johnl@taugh.com> Sun, 02 July 2017 02:57 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2A85128B8F for <dcrup@ietfa.amsl.com>; Sat, 1 Jul 2017 19:57:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ni1fbtYLV2pm for <dcrup@ietfa.amsl.com>; Sat, 1 Jul 2017 19:57:13 -0700 (PDT)
Received: from miucha.iecc.com (w6.iecc.com [IPv6:2001:470:1f07:1126::4945:4343]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F6F4126B7F for <dcrup@ietf.org>; Sat, 1 Jul 2017 19:57:13 -0700 (PDT)
Received: (qmail 91139 invoked from network); 2 Jul 2017 02:57:12 -0000
Received: from unknown (64.57.183.18) by mail1.iecc.com with QMQP; 2 Jul 2017 02:57:12 -0000
Date: Sun, 02 Jul 2017 02:56:50 -0000
Message-ID: <20170702025650.55902.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: dcrup@ietf.org
Cc: ekr@rtfm.com
In-Reply-To: <CABcZeBOs1yZ7q3oBgNeVkw=zSQb_SuS4hqK8BH0ebrD5LRYTFg@mail.gmail.com>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/MpkyPuCxNaDFGHEjR2k1gsk6V5E>
Subject: Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-crypto-03.txt
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Jul 2017 02:57:15 -0000

In article <CABcZeBOs1yZ7q3oBgNeVkw=zSQb_SuS4hqK8BH0ebrD5LRYTFg@mail.gmail.com> you write:
>In any case,  it's not true that eddsa keys are 256 bits. Eddsa keys are
>256 bits when you are using X25519 but not when you are using X448. To the
>extent to which you believe that it's redundant to have both non-FP and FP
>variants, the answer is to *always* use a fingerprint.

The only eddsa algorithm we're adding is ed25519.

The point of the fingerprints was to make it easier to use long RSA keys.  We're
stuck with unfingerprinted RSA keys because they're what we have now.

R's,
John