Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-crypto-03.txt
Peter Goldstein <peter@valimail.com> Tue, 04 July 2017 16:06 UTC
Return-Path: <peter@valimail.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FEDC13217D for <dcrup@ietfa.amsl.com>; Tue, 4 Jul 2017 09:06:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.019
X-Spam-Level:
X-Spam-Status: No, score=-1.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cu2zAgTIueRT for <dcrup@ietfa.amsl.com>; Tue, 4 Jul 2017 09:06:13 -0700 (PDT)
Received: from mail-qt0-x22d.google.com (mail-qt0-x22d.google.com [IPv6:2607:f8b0:400d:c0d::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42D78132178 for <dcrup@ietf.org>; Tue, 4 Jul 2017 09:06:13 -0700 (PDT)
Received: by mail-qt0-x22d.google.com with SMTP id i2so168428268qta.3 for <dcrup@ietf.org>; Tue, 04 Jul 2017 09:06:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=YF++6bqZsM0PJpyDfoBibp9zBmVywWX3dE9yCLa10Y8=; b=gPGqQvtXOC5k54Wl0KhXHi3Rz5SMQ3SFsZJR7h3dti8G5ScV7Z0xpRtld5t68ZR+KW w/YmhcymbGXI5vG9Oq2TVMo924SBwqwN+YXxrdmjZ4QuLpboSIzQZyT5SukDQF8eyTVA 9z7Q/VfMuAxLPYwJZ7TBktlgnsCFohWMZ8yuV5Z9/xPFyE5sFqB9JmRV6vDoUZC/a7eU UvUvdMKG+6Cq93hazQi6BjGuL1OfOPbaclDbjFcWGDr91JGLBKvN8VHk/8Lbhw22sTyt TCq4h5qarFB+8fkXdPbrRfIYbKOqTgD7w/Id2Xr5XGX0u1f7B78l6Jqpag4NMOxXC8Ww ozcw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=YF++6bqZsM0PJpyDfoBibp9zBmVywWX3dE9yCLa10Y8=; b=mHMz5IH5hiMZuba3lrDqHsoN6VJKwbGvB6xBZJ93Bx+th8kv7SfEwqNg4TEqmLmF75 G+1MUsANIITRxUV6U1N/RIKt7+tu3rJJDjBW+t0irX9SMuFYvDJLgrs6WlyH8NJ2NrvF T141iKhGiSVzqJhQL5bnafbPnn1jKIAbh+6G5M/lvYROzKZD9IrKPpXQ44g/IbCEq+rr nyv8u5ik4csULC4Ksw0QL2bfuCvFlGx+VVgsNy54lHwWodsnPmcaNtUG0BNZlNjMiepZ +aNs2ehw5p2O6noyDPat9KcHBadLCSdGwk4xgwZWZGgrlc3kkKo7k8nbyHiZyOIhlrx4 FNBg==
X-Gm-Message-State: AIVw1108OeFSiBQIvwDp61ie+e8robyuUv/eYcYIHwVxec+YDOWUUEXM p6DC6iLZf5pLrwGud1S20rUgFF0GYJrDE8E=
X-Received: by 10.237.59.78 with SMTP id q14mr13180389qte.143.1499184372372; Tue, 04 Jul 2017 09:06:12 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.185.157 with HTTP; Tue, 4 Jul 2017 09:06:11 -0700 (PDT)
In-Reply-To: <alpine.OSX.2.21.1707041003440.81057@ary.qy>
References: <CABcZeBOs1yZ7q3oBgNeVkw=zSQb_SuS4hqK8BH0ebrD5LRYTFg@mail.gmail.com> <20170702025650.55902.qmail@ary.lan> <CABcZeBM4KEr5CEZq4t9BX50btCRPLhZBAtZN18v_6gZ5B-ni5A@mail.gmail.com> <alpine.OSX.2.21.1707012341180.70305@ary.qy> <CABcZeBOLSrYo8mEQ1evyU7CzctV0VF4r7_bX3nA0oxtHCeEgSQ@mail.gmail.com> <alpine.OSX.2.21.1707021544590.72907@ary.qy> <CABcZeBPbL9EgZhF9t6j1Nt9xU=97oNj1ssaVFaiS8Mgd573evA@mail.gmail.com> <CABcZeBP1w2GPQmfCzQnROunoeXHiB0jodYW7dY3W4tLf5GHDgw@mail.gmail.com> <alpine.OSX.2.21.1707021715300.73525@ary.qy> <CABcZeBPu-hD+0z4_7zJuU_kUog47q6bUf3Cm76L+pyCXgkVGQw@mail.gmail.com> <alpine.OSX.2.21.1707021824130.73724@ary.qy> <CABcZeBPqt3-5Vo1wO1fPPTKWGSHtooJ4wkqYqdjXMqtFE5XS6A@mail.gmail.com> <alpine.OSX.2.21.1707021912110.73724@ary.qy> <CABcZeBMyeUG0jHtCQkV4yVJfuUXYtUacQ2Adwt8gcj8QcmaM9w@mail.gmail.com> <A9D376FA-0C46-40B6-9E82-B46DFB67D462@bluepopcorn.net> <alpine.OSX.2.21.1707041003440.81057@ary.qy>
From: Peter Goldstein <peter@valimail.com>
Date: Tue, 04 Jul 2017 09:06:11 -0700
Message-ID: <CAOj=BA2vwvA03yK43Y_fSuF0QUi=Rwz2cnE-84QQwzNh7YgH2Q@mail.gmail.com>
To: John R Levine <johnl@taugh.com>
Cc: Jim Fenton <fenton@bluepopcorn.net>, dcrup@ietf.org
Content-Type: multipart/alternative; boundary="94eb2c095930f7eb090553800ff3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/u6LDyroSQo_suELMKMdfmcOmywQ>
Subject: Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-crypto-03.txt
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Jul 2017 16:06:15 -0000
I agree with John here. If we don't have even a single concrete notion of a future key type that would need fingerprinting, why should we try to bias the implementation in that direction? It's also not clear to me why fingerprints are the more 'general' solution. As John notes, fingerprints wind up using more time and space - an additional hash computation, and the addition of the base64 key to all signed messages. Fingerprints provide no benefit, other than a workaround for DNS crudware that can't handle multi-string TXT records. And in the EdDSA case it doesn't even provide that benefit. There's no compelling reason to make fingerprints the default. +1 to moving forward with the -03 draft. Best, Peter On Tue, Jul 4, 2017 at 8:09 AM, John R Levine <johnl@taugh.com> wrote: > I agree with ekr on this one: publishing a key fingerprint is the more >> general solution, even if right now we can't think of keys that require it >> other than RSA. So why not, in the future, always publish key fingerprints? >> > > 1) For the next decade or so, to the extent anyone uses a signature other > than plain rsa, I expect they'll use eddsa since it's faster than rsa > and the keys are smaller. (Librariess will have the code since they > need it to verify other people's signatures, the only question is > whether they use it, just like sha-1 and sha-256 body hashes now.) > Key hashes use more time and space while providing no benefit to eddsa > signatures. It doesn't seem like great design to pessimize the common > case. > > B) Barring surprises, eddsa should be good enough to last as long as DKIM > does. But if we have surprises, they tend to be, you know, surprising. > Maybe we'll switch to some other elliptic curve which has keys smaller > than 1100 bits, in which case key hashes still have no benefit. Or > maybe some mega-parellel rainbow table scheme will come out of left > field and we'll deprecate all of the sha-N hashes. It doesn't seem > like great design to plan for stuff that we can't predict and that will > probably never happen. Our crystal ball has never been great: back in > 2006 would anyone have suggested that crudware that can't handle > multi-string TXT records would be a design issue a decade later? > > iii) It seems unliely that Cisco will assert your patent, but until they > say something one way or the other, who knows. It'd be prudent to be > prepared for the eventuality, particularly since it costs us nothing to > do so. > > > Regards, > John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY > Please consider the environment before reading this e-mail. https://jl.ly > > _______________________________________________ > Dcrup mailing list > Dcrup@ietf.org > https://www.ietf.org/mailman/listinfo/dcrup > -- [image: logo for sig file.png] Bringing Trust to Email Peter Goldstein | CTO & Co-Founder peter@valimail.com +1.415.793.5783
- [Dcrup] I-D Action: draft-ietf-dcrup-dkim-crypto-… internet-drafts
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Salz, Rich
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Salz, Rich
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Scott Kitterman
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Salz, Rich
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Salz, Rich
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Phillip Hallam-Baker
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Eric Rescorla
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… denis bider
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Jim Fenton
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… John R Levine
- Re: [Dcrup] I-D Action: draft-ietf-dcrup-dkim-cry… Peter Goldstein