Re: [Dcrup] Time For People To Really Stop Using SHA-1 Signatures?

Hector Santos <hsantos@isdg.net> Tue, 14 January 2020 18:13 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F336D120B3F for <dcrup@ietfa.amsl.com>; Tue, 14 Jan 2020 10:13:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b=QuPHnxI8; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b=WaG8l6Tw
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CANCxSp3KN58 for <dcrup@ietfa.amsl.com>; Tue, 14 Jan 2020 10:13:42 -0800 (PST)
Received: from mail.winserver.com (groups.winserver.com [76.245.57.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03F2A120AE2 for <dcrup@ietf.org>; Tue, 14 Jan 2020 10:13:41 -0800 (PST)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=1795; t=1579025611; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:Message-ID:Date:From: Organization:To:Subject:List-ID; bh=8Yi6ifM4WA5c0k8cs20o1OOIbf4=; b=QuPHnxI8/RtXjv6HlADze68lx/kvQtyQhlsYDZgsTLurzefUxttzEbira5nJzg NwXEHgtQOHmITfb+YwQ74bY4su1gZxMvukMqSSthlXnFbYio+qqHdI7c8U20eFkG 0f2CVaRhNA9oDbj7e2qmu37+9C6+5Y2K7ls8Otg3cpkhA=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.9) for dcrup@ietf.org; Tue, 14 Jan 2020 13:13:31 -0500
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; dmarc=pass policy=reject author.d=isdg.net signer.d=beta.winserver.com (atps signer);
Received: from beta.winserver.com ([76.245.57.74]) by winserver.com (Wildcat! SMTP v8.0.454.9) with ESMTP id 2637966025.1.3044; Tue, 14 Jan 2020 13:13:30 -0500
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=1795; t=1579025414; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=7PYCpSP mD6j+PjiCy/HenI7LrSZMWSMSSpSWsEaKjng=; b=WaG8l6TwjhaSK0Rb27v2pNG ItqIyKBU0pdtc7ZitG2BtXfHD497vr9sAsgf5PvCmf+vukNk0WMSCL6QTrrBg9YX z7wNkHuGtBaXugByMNeXdTRDp/sdWZ0WUVDkrppf4nP9/kbTN4Yu7PJoUwuMnXon DsoKntkCL5ZIvICM4ivk=
Received: by beta.winserver.com (Wildcat! SMTP Router v8.0.454.9) for dcrup@ietf.org; Tue, 14 Jan 2020 13:10:14 -0500
Received: from [192.168.1.68] ([75.26.216.248]) by beta.winserver.com (Wildcat! SMTP v8.0.454.9) with ESMTP id 3200594375.1.11900; Tue, 14 Jan 2020 13:10:13 -0500
Message-ID: <5E1E04C8.2030408@isdg.net>
Date: Tue, 14 Jan 2020 13:13:28 -0500
From: Hector Santos <hsantos@isdg.net>
Reply-To: hsantos@isdg.net
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: dcrup@ietf.org
References: <1836468.B6t98xBJ9D@l5580> <9c3b08b1-909c-197c-2c7a-1c7eff660202@bluepopcorn.net> <5E1DD3B8.5030507@isdg.net> <2930903.4jkiU04MHV@l5580> <F80DADAA-95C4-4D0F-9435-FF7C82263A1A@akamai.com> <5E1DFA77.8070303@isdg.net> <AF511F1B-D140-4C31-9A49-40CF90BFD2BF@akamai.com>
In-Reply-To: <AF511F1B-D140-4C31-9A49-40CF90BFD2BF@akamai.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/vJQZ26qb64sk1Zndb_5CMf3TbOQ>
Subject: Re: [Dcrup] Time For People To Really Stop Using SHA-1 Signatures?
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jan 2020 18:13:48 -0000

On 1/14/2020 12:32 PM, Salz, Rich wrote:
> Hector,
>
> Thank you for your efforts.
>
> The WG decided that the standards-track is to move away from SHA1.  Saying otherwise sows confusion; please stop.

Aw come on. Give people more credit, ok? I doubt it will confuse 
anyone but your reaction certainly is.

I am not trying to resurrect SHA1.   What was the point of this thread?

No one every disputed SHA1 was potentially vulnerable. So was the 
question if this new method made a difference?  Not to me.  But if I 
read the article right,  I read something about the OpenSSL team using 
the new clobber method as justification to remove it from the API. 
Was that the goal here? And for Developers to finally remove it from 
their implementations?  If so, hear me now -- I strongly believe it 
would be mistake at multiple levels to pull SHA1 from DKIM and APIs. 
It will instantly cause problems -- immediately.  That's "Hurting the 
Internet' so how dare you say I will be hurting the internet and 
confusion others.   Even if it is pulled from OpenSSL, I will add it 
back in promoting API deviations which I hate to do.

For this WG and in older DKIM WG, as I stated always, I supported the 
deprecation -- always day one, but not the removal. That is why the 
STD is written as it is-- it was the consensus.   Today, nothing has 
changed but this WG wanted to do a new hash which loads high overhead 
on others, and also remove SHA1.  You can mandate it with WG but I 
disagree with the idea of a complete removal.  I am not about to 
remove sha1 from my package by virtual of a future OpenSSL removing 
it, and then have to endure immediate support issues and reports from 
a customer complaining about some new DKIM failure they never had before.

I'm done with this one.

-- 
HLS