Re: [Dcrup] draft-ietf-dcrup-dkim-crypto-00

Peter Goldstein <peter@valimail.com> Sat, 20 May 2017 01:10 UTC

In-Reply-To: <alpine.OSX.2.21.1705192102340.7697@ary.qy>
References: <alpine.OSX.2.21.1705192102340.7697@ary.qy>
From: Peter Goldstein <peter@valimail.com>
Date: Fri, 19 May 2017 18:10:01 -0700
Message-ID: <CAOj=BA3H5_fw8N+qMN=EPXL7=PdFNBBByB_UNDZi4n+CXT=b7g@mail.gmail.com>
To: "John R. Levine" <johnl@iecc.com>
Cc: dcrup@ietf.org
Content-Type: multipart/alternative; boundary="94eb2c06028e270d13054fea4ce2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/kmnhAbichQoq-d9PDj9whcF1Hjs>
Subject: Re: [Dcrup] draft-ietf-dcrup-dkim-crypto-00

Yes, sorry.  You're right - it's the 255 byte limit of the individual
strings that's the issue.

And yes, the crudware will never be updated.

Best,

Peter

On Fri, May 19, 2017 at 6:03 PM, John R. Levine <johnl@iecc.com> wrote:

> In article <CAOj=BA0gKP9x5jgkZEUJD-EJvRSwC0dgmijwbDirsCQT4z0E4Q@mail.gmail.com>,
> Peter Goldstein <peter@valimail.com> wrote:
>
>> The challenges with 2048 bit RSA are largely an issue of the limitations of
>> the DNS infrastructure in use by the sending domain.  In some DNS managers,
>> the Web UIs (and occasionally the underlying infrastructure) don't allow
>> domain owners to enter records that are larger than 512 octets.  Users of
>> these DNS managers generally cannot provision 2048 bit key DKIM TXT
>> records. ...
>>
>
> The problem isn't the 512 byte limit, since a 2K key is under 400
> bytes.  The problem is provisioning crudware that can't create TXT
> records with two strings.  But until the crudware is updated, which
> will likely be never, it's a problem.
>
> R's,
> John



-- 


Bringing Trust to Email

Peter Goldstein | CTO & Co-Founder

peter@valimail.com
+1.415.793.5783
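
The 255-byte per-string limit discussed in this thread, shown as an added example that is not part of either message: a DKIM key record is split into TXT character-strings, encoded as wire-format RDATA, and rejoined the way a verifier does. The key material is constructed filler sized like RSA-1024 and RSA-2048 public keys, and the selector name and all function names are assumptions made for the illustration.

```python
import base64

MAX_STRING = 255  # a DNS <character-string> carries a one-byte length prefix
RSA1024_DER, RSA2048_DER = 162, 294  # typical SubjectPublicKeyInfo sizes in bytes

def fake_dkim_record(der_len):
    """Constructed stand-in: filler bytes sized like an RSA public key in DER."""
    filler = bytes(i % 251 for i in range(der_len))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(filler).decode("ascii")

def split_txt(value):
    """Split a TXT value into character-strings of at most 255 bytes each."""
    raw = value.encode("ascii")
    return [raw[i:i + MAX_STRING] for i in range(0, len(raw), MAX_STRING)]

def txt_rdata(strings):
    """Wire-format RDATA: each string preceded by its one-byte length."""
    out = bytearray()
    for s in strings:
        if len(s) > MAX_STRING:
            # What single-string provisioning tools run into with a 2048-bit key.
            raise ValueError("character-string longer than 255 bytes")
        out.append(len(s))
        out += s
    return bytes(out)

def parse_txt_rdata(rdata):
    """Verifier side: read the strings back and join them with no separator."""
    parts, i = [], 0
    while i < len(rdata):
        n = rdata[i]
        parts.append(rdata[i + 1:i + 1 + n])
        i += 1 + n
    return b"".join(parts).decode("ascii")

def zone_line(name, strings):
    """Zone-file presentation format: one quoted string per chunk."""
    quoted = " ".join('"' + s.decode("ascii") + '"' for s in strings)
    return f"{name} IN TXT ( {quoted} )"

if __name__ == "__main__":
    for der_len in (RSA1024_DER, RSA2048_DER):
        rec = fake_dkim_record(der_len)
        chunks = split_txt(rec)
        print(der_len, len(rec), [len(c) for c in chunks], len(txt_rdata(chunks)))
    # "sel._domainkey.example.com." is a placeholder owner name.
    print(zone_line("sel._domainkey.example.com.", split_txt(fake_dkim_record(RSA2048_DER))))
```

The 1024-bit-sized record fits in one string, while the 2048-bit-sized one needs two strings even though its whole RDATA stays under 512 bytes.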