IETF Logo Mail Archive

Re: [Dcrup] rsa-sha1 usage

Seth Blank <seth@valimail.com> Wed, 14 June 2017 10:02 UTC

Return-Path: <seth@valimail.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 724DB1271FD for <dcrup@ietfa.amsl.com>; Wed, 14 Jun 2017 03:02:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kpbBhugZ_1dy for <dcrup@ietfa.amsl.com>; Wed, 14 Jun 2017 03:02:39 -0700 (PDT)
Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F36B6129B55 for <dcrup@ietf.org>; Wed, 14 Jun 2017 03:02:38 -0700 (PDT)
Received: by mail-qk0-x232.google.com with SMTP id g83so22925663qkb.3 for <dcrup@ietf.org>; Wed, 14 Jun 2017 03:02:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=2RzzrsTlX9IwbJNlBPEvkQItX/m9W3iJh946WR+cEUI=; b=EJS7Q6f+gZzh7Fj0fgo/K71cRI+anYpZU0UQ3qQm5VNzbt3+p7P2feguZpPS/pOzw2 p6WFbO5FJxiiyob6FW6/vt9ZeNuGAUEEaASr5rhtn9HxGMoixPiXyD/T+/bYvAwpT4EI k4e6fN/e2ywENI8nleNSr90S61NbfjL74Zp76cW4NCs85CO+CvJ4Jnx851jEst9ZZpuM qtRGIDDxgSE2+6w0fSoun/QpGeCnJ4ec6LWcftt2L0OdNNJobWePRdJ2oj7+chxun54k 5zodDHcKVZJjJSxotNBUET1OGXEcY5OPWwuG3vIzhy+emkGWU/8aXBzEUEL/beYETdwT 2irQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=2RzzrsTlX9IwbJNlBPEvkQItX/m9W3iJh946WR+cEUI=; b=LG/kHI0mBCORNiyfSCN5erqc4N+KnTHx8U6iv02bWm+W2lskoOIyZSKkCYTueL5PeL jBYTti1iSMf8E/TDIX5d8yuoeI37rrT95zttXi7HtxZTOJM+Nw4uoDVDxYk4i47Ox8eo kxvwmBjHPJm9dIbJUaxXFpV/HFLilpD2MpeNRQteZCcP455AIh+qMjxM7K1HoBOLn7A3 rgO9eTaXZXBcrcIMxUfmkYrfQbv10X62Xi0JKElwF12921VUe22/UoJeu8EGbY7A2F6Q RiZ6tZFPTKrm+Q6xKrsTlGIWjgcon8hYzekGr8KkCQ6+Dl2DBWMA2ZluPL4NHhlxOphD oINg==
X-Gm-Message-State: AKS2vOxMcDWt+pqDWiSFxbXB4Udb+Kxgn9aeAgSAznAxcvkhvnSXLSpa Z/o0rP4YteWxeFN9vQEUneiZqfqTzCK2oo4=
X-Received: by 10.55.44.129 with SMTP id s123mr4820409qkh.137.1497434557765; Wed, 14 Jun 2017 03:02:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.200.43.27 with HTTP; Wed, 14 Jun 2017 03:02:17 -0700 (PDT)
In-Reply-To: <CAMm+LwiPpPXbebhuKguRGzjtOMXv-=t9vS951R2nLSbjj+167Q@mail.gmail.com>
References: <m38tkw53bd.fsf@carbon.jhcloos.org> <CABa8R6s6rzc+Ky8sLWcK7NtforSksEhNRkWVeF=k1v8GC80knw@mail.gmail.com> <m3wp8gpx20.fsf@carbon.jhcloos.org> <CAOj=BA2O+Hf2VGOtbmnqY2M5J9u8uJ7wm7SxEW551SXBwDdanw@mail.gmail.com> <5bf52517591d4950aec335d31bcf3631@usma1ex-dag1mb1.msg.corp.akamai.com> <aa52134a-ac20-bd70-8834-1598a8eaa536@bluepopcorn.net> <29B74569-6BB3-43F8-9549-566DA405B1FF@kitterman.com> <CAL0qLwaqPwb+cNhRCWLBp2qjTWtS65JAvstc9GfrhDDXRv+d6w@mail.gmail.com> <57fda1d5-b0b7-f226-60db-7f4c47233fc7@bluepopcorn.net> <CAL0qLwbFE5PzpOWzn-DwQ2D0z0=OAtEJLnwBbq2hk2SK2pc4Bg@mail.gmail.com> <87dfdc8c-5acc-e51e-a6d3-1e35611419b7@bluepopcorn.net> <BFDFAA4E-F253-497A-9881-D2223B45037A@kitterman.com> <CAMm+LwiPpPXbebhuKguRGzjtOMXv-=t9vS951R2nLSbjj+167Q@mail.gmail.com>
From: Seth Blank <seth@valimail.com>
Date: Wed, 14 Jun 2017 11:02:17 +0100
Message-ID: <CAOZAAfPKvChF7wmsZ6mhsJ6VaArJ2AC+CqM1voY_RbHJ6WGr5Q@mail.gmail.com>
To: dcrup@ietf.org
Content-Type: multipart/alternative; boundary="001a114f4440e3eb120551e8a6ef"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/catq4ytjx2uOWSppQp0KmD56PTQ>
Subject: Re: [Dcrup] rsa-sha1 usage
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jun 2017 10:02:41 -0000

On Wed, Jun 14, 2017 at 5:24 AM, Phillip Hallam-Baker <phill@hallambaker.com
> wrote:
>
> It is a two step process in my view. First you rip out the generate,
> then once the transition is complete, you rip out the accept.
>

I disagree. SHA-1 has been deprecated for far too long, but is still in
wide use by major players. I'd argue step 1 was taken ages ago (with a
SHOULD, not a MUST, but still...) and we're at step 2 *now* because senders
aren't complying with up-to-date crypto standards on their own.

While a large number of senders may not pay attention to language in an
RFC, in my experience the verifiers have a strong incentive to follow the
RFC language to a tee whenever possible to maximize interoperability. And
the senders don't change unless the receivers make them.

At this point, why don't we call a spade a spade, and say that the only way
to kill SHA-1 in the wild dead is by saying verifiers MUST NOT verify
SHA-1. Then the verifiers will do what they always do, and reach out to
those not playing by standards and say "upgrade your implementation or
it'll start being rejected in 90 days" and letting the problem solve itself.

I believe this is exactly what draft-01 accomplishes.

v2.30.2 | Report a Bug | By Email | System Status