Re: [Dcrup] draft-ietf-dcrup-dkim-crypto-02 and registries
"John Levine" <johnl@taugh.com> Tue, 13 June 2017 11:30 UTC
Date: Tue, 13 Jun 2017 00:21:17 -0000
Message-ID: <20170613002117.1367.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: dcrup@ietf.org
Cc: kurta@drkurt.com
In-Reply-To: <CABuGu1qkpiG6ojo2Te6qcp3ckBeSvHCdUvNMV2N63a8s2e9_Cg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/xPzCfa9Pp4X7eEoC2rF91wDBqQU>

In article <CABuGu1qkpiG6ojo2Te6qcp3ckBeSvHCdUvNMV2N63a8s2e9_Cg@mail.gmail.com> you write:
>I'd much prefer approach #2, but rather than "replace in place", the
>replacement should point to a registry with the details in the registry
>subject to expert review for future updates. The initial population of
>registry entries should designate sha1 and rsa keys <1024bits as either
>"not supported" or "deprecated" or whatever other terminology conveys the
>same message in registry-speak.

Take a look at my draft. There already is a registry for hash algorithms, and mine moves sha1 to historic.

There's no registry for key sizes, and creating one would be tough. For RSA, you can create a key with as many bits as you want. You want a 1775 bit key, you can use a 1775 bit key. I'd rather keep the advice about key size in the text since the alternative would seem to be to list every key size from 512 to whatever and mark them individually good or bad.

For the elliptic algorithms, there's no choice of key size so nothing to put in a registry.

R's,
John
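
The distinction drawn in this message, as an added sketch that is not code from the draft or from anyone on the list: the hash algorithm is checked against an enumerable list, while RSA key size is a threshold on the modulus length read from the key record. `MIN_RSA_BITS`, the function names and the dummy keys are assumptions constructed for the example.

```python
import base64

HISTORIC_HASHES = {"sha1"}   # enumerable, so it fits a registry-style lookup
MIN_RSA_BITS = 1024          # assumed floor, taken from the "<1024bits" in the quoted text

def der_tlv(tag, value):
    """Encode one DER TLV (definite length)."""
    n = len(value)
    size = (n.bit_length() + 7) // 8
    hdr = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + hdr + value

def der_int(i):
    """Encode a non-negative INTEGER, adding a leading zero octet when needed."""
    return der_tlv(0x02, i.to_bytes(i.bit_length() // 8 + 1, "big"))

def der_read(buf, pos):
    """Decode one DER TLV at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(der):
    """Modulus size of an RSA key given as RSAPublicKey or SubjectPublicKeyInfo."""
    _, body, _ = der_read(der, 0)
    tag, first, nxt = der_read(body, 0)
    if tag == 0x30:                              # SPKI: AlgorithmIdentifier, BIT STRING
        _, bits, _ = der_read(body, nxt)
        _, body, _ = der_read(bits[1:], 0)       # skip the unused-bits octet
        tag, first, _ = der_read(body, 0)
    if tag != 0x02:
        raise ValueError("no INTEGER modulus found")
    return int.from_bytes(first, "big").bit_length()

def check(a_tag, key_record):
    """Findings for a signature's a= value and the signer's key record."""
    hash_alg = a_tag.partition("-")[2]
    tags = dict(t.strip().split("=", 1) for t in key_record.split(";") if "=" in t)
    findings = []
    if hash_alg in HISTORIC_HASHES:
        findings.append(f"hash {hash_alg} is historic")
    if tags.get("k", "rsa") == "rsa":            # elliptic keys have one size: nothing to check
        bits = rsa_modulus_bits(base64.b64decode(tags["p"]))
        if bits < MIN_RSA_BITS:
            findings.append(f"rsa key of {bits} bits is below {MIN_RSA_BITS}")
    return findings

def sample_record(bits):
    """Constructed input: dummy odd modulus of exactly `bits` bits, not a usable key."""
    der = der_tlv(0x30, der_int((1 << (bits - 1)) | 1) + der_int(65537))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(der).decode()
```

`check("rsa-sha256", sample_record(1775))` returns no findings, while a 1023-bit key is rejected by the same single comparison, with no per-size table involved.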