IETF Logo Mail Archive

Re: [Dcrup] rsa-sha1 usage

Scott Kitterman <sklist@kitterman.com> Wed, 14 June 2017 03:35 UTC

Return-Path: <sklist@kitterman.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BE5B12948B for <dcrup@ietfa.amsl.com>; Tue, 13 Jun 2017 20:35:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=kitterman.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bI6wUKFvacVn for <dcrup@ietfa.amsl.com>; Tue, 13 Jun 2017 20:35:48 -0700 (PDT)
Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [208.43.65.50]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A53AA12946C for <dcrup@ietf.org>; Tue, 13 Jun 2017 20:35:48 -0700 (PDT)
Received: from android-df929938bd25e485.home.kitterman.com (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPSA id CCBBAC40593; Tue, 13 Jun 2017 22:35:46 -0500 (CDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=201409; t=1497411346; bh=/12iL8mdNFrzXhsZ+cngrtrUKoD1zbGiQj8LHRTZUUQ=; h=Date:In-Reply-To:References:Subject:To:From:From; b=SSdwBG7cgJfU0IALXP8ggILxfh2FmNrZeaE48t0ex7jzsWGn77nIaI03xI+Hr5Kke gjQHEplE6hZGDr2sroTgyKnAgnB1keslp2MUFfD5QGNkpYhYK2emIvA+K0yqKyP6jn CzTh9RX/YHJ8XxHQtaNqt5dMQ1sxgQYGPqkPYgKY=
Date: Wed, 14 Jun 2017 03:35:35 +0000
In-Reply-To: <CAL0qLwbFE5PzpOWzn-DwQ2D0z0=OAtEJLnwBbq2hk2SK2pc4Bg@mail.gmail.com>
References: <m38tkw53bd.fsf@carbon.jhcloos.org> <CABa8R6s6rzc+Ky8sLWcK7NtforSksEhNRkWVeF=k1v8GC80knw@mail.gmail.com> <m3wp8gpx20.fsf@carbon.jhcloos.org> <CAOj=BA2O+Hf2VGOtbmnqY2M5J9u8uJ7wm7SxEW551SXBwDdanw@mail.gmail.com> <5bf52517591d4950aec335d31bcf3631@usma1ex-dag1mb1.msg.corp.akamai.com> <aa52134a-ac20-bd70-8834-1598a8eaa536@bluepopcorn.net> <29B74569-6BB3-43F8-9549-566DA405B1FF@kitterman.com> <CAL0qLwaqPwb+cNhRCWLBp2qjTWtS65JAvstc9GfrhDDXRv+d6w@mail.gmail.com> <57fda1d5-b0b7-f226-60db-7f4c47233fc7@bluepopcorn.net> <CAL0qLwbFE5PzpOWzn-DwQ2D0z0=OAtEJLnwBbq2hk2SK2pc4Bg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
To: dcrup@ietf.org
From: Scott Kitterman <sklist@kitterman.com>
Message-ID: <182B1730-A277-4E7F-ACFF-F51E766173BB@kitterman.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/mhsKR2gH0Asgl6iA3S3s-Btcq0g>
Subject: Re: [Dcrup] rsa-sha1 usage
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jun 2017 03:35:50 -0000


On June 13, 2017 11:16:11 PM EDT, "Murray S. Kucherawy" <superuser@gmail.com> wrote:
>On Tue, Jun 13, 2017 at 6:55 PM, Jim Fenton <fenton@bluepopcorn.net>
>wrote:
>
>> That being the case, why do we think people will pay attention to a
>MUST
>> NOT today?
>>
>>
>> Because implementations will stop supporting rsa-sha1, forcing the
>issue
>> for any who upgrade. I'm all for having them stop supporting signing
>with
>> rsa-sha1, but they should continue to support verification for a
>while.
>>
>
>We can't have this logic both ways.  Scott claimed nobody pays
>attention to
>the advice in RFCs ("Operational practice​ isn't closely coupled with
>standards changes").  If that's true, then there's no meat to a MUST
>NOT
>anyway, and it really only matters what people will implement.  And if
>that's true, then saying current implementations neither sign with nor
>verify "rsa-sha1" because it's deprecated suffices, and we're done.

What I should have said is sometimes standards lead and sometimes they follow.  Bumping up the minimum RSA key size is the standards community catching up to what the operational community did half a decade ago.  OTOH, I think rsa-sha1 usage will decline once there is strong MUST NOT guidance published.  Not immediately, but considering the mail system development, deployment, upgrade life cycle it's much better to give things a good push in that direction now, before its time to panic..

Scott K

v2.43.4 | Report a Bug | By Email | System Status