[Dcrup] rsa-sha1 usage
James Cloos <cloos@jhcloos.com> Mon, 12 June 2017 21:00 UTC
Return-Path: <cloos@jhcloos.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 476AF12702E for <dcrup@ietfa.amsl.com>; Mon, 12 Jun 2017 14:00:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jhcloos.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bgYJTKHaXRDZ for <dcrup@ietfa.amsl.com>; Mon, 12 Jun 2017 14:00:45 -0700 (PDT)
Received: from ore.jhcloos.com (ore.jhcloos.com [IPv6:2604:2880::b24d:a297]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A5FC1296CF for <dcrup@ietf.org>; Mon, 12 Jun 2017 14:00:45 -0700 (PDT)
Received: by ore.jhcloos.com (Postfix, from userid 10) id 42E521E0FE; Mon, 12 Jun 2017 21:00:44 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jhcloos.com; s=ore17; t=1497301244; bh=JPqOQzjUYQSXMp5K2VXM8ciU3ykLOchW/k40DU6w5vk=; h=From:To:Subject:Date:From; b=WjMYUh90mtjh56NmOkOOZImmaBPGdiW8JKTlxbp02QweKWNocKYjuui9qEbrw+xDo qaG4NfToLfi27Tj66+iPNgjtosqooHHdQkgMnyV/ujQXAmBPKlTmRjWfqMZkWXZ7ny PDJnAhQTKl2ZKs4kXoKRCUC3u4rlcnY7ujs/8DmeL7c2TlYmG/ldTDKXOUwidlBzIp svH9tzbDz9IctWur2il1g5Nsyv9sR4DnND5FAYlVCBWRY8uXUOAGJsZgWLwUnXlY2E 6BhOMCKECBdJgWW0baSHzEjoYxMR+cGp3eLmqyPOhfFUyenFlnTDLcZa+gbD7APA4u 2D26DTN4CFPrw==
Received: by carbon.jhcloos.org (Postfix, from userid 500) id B4A66107B7BE1; Mon, 12 Jun 2017 21:00:38 +0000 (UTC)
From: James Cloos <cloos@jhcloos.com>
To: dcrup@ietf.org
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux)
Face: iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAgMAAABinRfyAAAACVBMVEX///8ZGXBQKKnCrDQ3 AAAAJElEQVQImWNgQAAXzwQg4SKASgAlXIEEiwsSIYBEcLaAtMEAADJnB+kKcKioAAAAAElFTkSu QmCC
Copyright: Copyright 2016 James Cloos
OpenPGP: 0x997A9F17ED7DAEA6; url=https://jhcloos.com/public_key/0x997A9F17ED7DAEA6.asc
OpenPGP-Fingerprint: E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 ED7D AEA6
Date: Mon, 12 Jun 2017 17:00:38 -0400
Message-ID: <m38tkw53bd.fsf@carbon.jhcloos.org>
Lines: 17
MIME-Version: 1.0
Content-Type: text/plain
X-Hashcash: 1:28:170612:dcrup@ietf.org::1eyjAE+8kVcwGCc0:000JAp5
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/fYkOS9l4SftDNPBegZCt2Pp_rYQ>
Subject: [Dcrup] rsa-sha1 usage
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Jun 2017 21:00:48 -0000
I looked at a corpus of email from this year. 3265010 emails, including all of spam, good automated and good from humans. The vast majority of the latter were deliverred via mailing lists. Just under half (1443757) had a dkim sig. The ratio of rsa-sha256 to rsa-sha1 was 1244650:198495 which reduces to about 6.270:1. So there is a ways to do before sha1 signers disappear. Nonetheless, I still agree that the update should deprecate sha1. -JimC -- James Cloos <cloos@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
- [Dcrup] rsa-sha1 usage James Cloos
- Re: [Dcrup] rsa-sha1 usage Brandon Long
- Re: [Dcrup] rsa-sha1 usage Brandon Long
- Re: [Dcrup] rsa-sha1 usage Murray S. Kucherawy
- Re: [Dcrup] rsa-sha1 usage Brandon Long
- Re: [Dcrup] rsa-sha1 usage Scott Kitterman
- Re: [Dcrup] rsa-sha1 usage James Cloos
- Re: [Dcrup] rsa-sha1 usage Peter Goldstein
- Re: [Dcrup] rsa-sha1 usage Salz, Rich
- Re: [Dcrup] rsa-sha1 usage Murray S. Kucherawy
- Re: [Dcrup] rsa-sha1 usage Jim Fenton
- Re: [Dcrup] rsa-sha1 usage Eric Rescorla
- Re: [Dcrup] rsa-sha1 usage Phillip Hallam-Baker
- Re: [Dcrup] rsa-sha1 usage Scott Kitterman
- Re: [Dcrup] rsa-sha1 usage James Cloos
- Re: [Dcrup] rsa-sha1 usage Murray S. Kucherawy
- Re: [Dcrup] rsa-sha1 usage Jim Fenton
- Re: [Dcrup] rsa-sha1 usage Phillip Hallam-Baker
- Re: [Dcrup] rsa-sha1 usage Murray S. Kucherawy
- Re: [Dcrup] rsa-sha1 usage Jim Fenton
- Re: [Dcrup] rsa-sha1 usage Scott Kitterman
- Re: [Dcrup] rsa-sha1 usage Murray S. Kucherawy
- Re: [Dcrup] rsa-sha1 usage Scott Kitterman
- Re: [Dcrup] rsa-sha1 usage Jim Fenton
- Re: [Dcrup] rsa-sha1 usage Phillip Hallam-Baker
- Re: [Dcrup] rsa-sha1 usage denis bider
- Re: [Dcrup] rsa-sha1 usage Seth Blank
- Re: [Dcrup] rsa-sha1 usage Murray S. Kucherawy
- Re: [Dcrup] rsa-sha1 usage Scott Kitterman
- Re: [Dcrup] rsa-sha1 usage Murray S. Kucherawy
- Re: [Dcrup] rsa-sha1 usage Salz, Rich
- Re: [Dcrup] rsa-sha1 usage Phillip Hallam-Baker
- Re: [Dcrup] rsa-sha1 usage Peter Goldstein
- Re: [Dcrup] rsa-sha1 usage John Levine
- Re: [Dcrup] rsa-sha1 usage Hector Santos