Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-usage-04.txt

Alexey Melnikov <aamelnikov@fastmail.fm> Thu, 02 November 2017 15:08 UTC

From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: "Murray S. Kucherawy" <superuser@gmail.com>, Scott Kitterman <sklist@kitterman.com>
Cc: dcrup@ietf.org
Date: Thu, 02 Nov 2017 15:08:15 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/wl_YL2rKOTR_9zYp87JQ2E5m3t4>

On Thu, Nov 2, 2017, at 01:29 AM, Murray S. Kucherawy wrote:
> On Wed, Nov 1, 2017 at 6:12 PM, Scott Kitterman <sklist@kitterman.com> wrote:
>> That would leave the new language about permanently failing tied only
>> to rsa-sha1 and not also in key size. I would either split the second
>> paragraph of 4.1 to put with insufficient key size in 4.2 (DKIM
>> signatures signed with insufficient key sizes (currently rsa-sha256
>> with less than 1024 bits) have permanently failed evaluation as
>> discussed in [RFC6376] Section 3.9
>> <https://tools.ietf.org/html/rfc6376#section-3.9>) or move the whole
>> paragraph up into section 4.
>
> I think I like the first option.  Anyone else (and Alexey in
> particular)?

Either is fine with me.
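
The verifier rule quoted in this thread, as an added Python example that is not part of the original message or the draft: a signature fails permanently when it uses rsa-sha1 or when the RSA key in the key record is under 1024 bits, with the size read from the DER in the `p=` tag. The function names, the `example.com` and `sel1` tag values, and the generated key material are assumptions constructed for the example; the generated integers are not real keys.

```python
import base64, re

def _tlv(buf, pos):  # read one DER TLV at pos -> (tag, value_start, value_end)
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def rsa_bits_from_p(p_b64):
    """Bit length of the RSA modulus in a key record's p= value (SubjectPublicKeyInfo)."""
    der = base64.b64decode(p_b64)
    _, spki, _ = _tlv(der, 0)             # outer SEQUENCE
    _, _, alg_end = _tlv(der, spki)       # AlgorithmIdentifier, skipped
    _, bits, _ = _tlv(der, alg_end)       # BIT STRING
    _, rsa, _ = _tlv(der, bits + 1)       # +1 skips the unused-bits octet
    _, n0, n1 = _tlv(der, rsa)            # INTEGER modulus
    return int.from_bytes(der[n0:n1], "big").bit_length()

def parse_tags(value):
    """Split a DKIM tag=value list; whitespace is dropped, which is safe for a= and p=."""
    pairs = (part.split("=", 1) for part in value.split(";") if "=" in part)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def evaluate(sig_header, key_record, min_bits=1024):
    """Apply the two permanent-failure conditions discussed in the thread."""
    sig, key = parse_tags(sig_header), parse_tags(key_record)
    if sig.get("a") == "rsa-sha1":
        return "permfail: rsa-sha1"
    if rsa_bits_from_p(key["p"]) < min_bits:
        return "permfail: key too small"
    return "continue"

def _der(tag, body):  # minimal DER encoder, used only to build the constructed input
    k = (len(body).bit_length() + 7) // 8
    head = bytes([len(body)]) if len(body) < 0x80 else bytes([0x80 | k]) + len(body).to_bytes(k, "big")
    return bytes([tag]) + head + body

def constructed_key_record(bits):
    """Constructed test input: an integer of the given size, not a usable key."""
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")
    rsa = _der(0x30, _der(0x02, n) + _der(0x02, b"\x01\x00\x01"))
    alg = _der(0x30, bytes.fromhex("06092a864886f70d0101010500"))  # rsaEncryption, NULL
    spki = _der(0x30, alg + _der(0x03, b"\x00" + rsa))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

if __name__ == "__main__":
    print(evaluate("v=1; a=rsa-sha256; d=example.com; s=sel1", constructed_key_record(512)))
```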