Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-usage-04.txt
Scott Kitterman <sklist@kitterman.com> Thu, 02 November 2017 19:18 UTC
Return-Path: <sklist@kitterman.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9A0613F584 for <dcrup@ietfa.amsl.com>; Thu, 2 Nov 2017 12:18:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.89
X-Spam-Level:
X-Spam-Status: No, score=-1.89 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_HTML_ATTACH=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hFLWn5D0F2Ui for <dcrup@ietfa.amsl.com>; Thu, 2 Nov 2017 12:18:30 -0700 (PDT)
Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [IPv6:2607:f0d0:3001:aa::2]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E46CA137832 for <dcrup@ietf.org>; Thu, 2 Nov 2017 12:18:29 -0700 (PDT)
Received: from kitterma-e6430.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPS id 1F6D1C401DB for <dcrup@ietf.org>; Thu, 2 Nov 2017 14:18:27 -0500 (CDT)
From: Scott Kitterman <sklist@kitterman.com>
To: dcrup@ietf.org
Date: Thu, 02 Nov 2017 15:18:13 -0400
Message-ID: <2853504.Nql0Dy0gKo@kitterma-e6430>
User-Agent: KMail/4.13.3 (Linux/3.13.0-133-generic; KDE/4.13.3; x86_64; ; )
In-Reply-To: <1509635194.3915266.1159421104.02964C44@webmail.messagingengine.com>
References: <1504117534.496823.1090155768.0E7DA2E2@webmail.messagingengine.com> <CAL0qLwYM_k7gUDWX8=ZNoROj=zFtQuW9pTqvRLtvwSHDEDTNGQ@mail.gmail.com> <1509635194.3915266.1159421104.02964C44@webmail.messagingengine.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="nextPart4156455.TpyuXuajss"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/y5wn02i_0dyxTRqDqURCCM2pLoQ>
Subject: Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-usage-04.txt
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Nov 2017 19:18:33 -0000
On Thursday, November 02, 2017 03:06:34 PM Alexey Melnikov wrote: > On Wed, Nov 1, 2017, at 10:45 PM, Murray S. Kucherawy wrote: > > Circling back on this, which is the remaining point: > > > > On Thu, Aug 31, 2017 at 3:58 AM, Alexey Melnikov > > <aamelnikov@fastmail.fm> wrote:>> > > > >> On Thu, Aug 31, 2017, at 01:11 AM, Murray S. Kucherawy wrote: > >>> On Wed, Aug 30, 2017 at 11:33 AM, Alexey Melnikov > >>> <aamelnikov@fastmail.fm> wrote:>>>> > >>> > >>>> On Wed, Aug 30, 2017, at 07:29 PM, Murray S. Kucherawy wrote: > >>>>> The first line in Section 4 already says this updates 3.3 of > >>>>> RFC6376. You think we need to be more specific?>>>> > >>>> > >>>> As I mentioned: I think sections 3.3.2 and 3.3.4 are still > >>>> relevant. If this document is replacing 3.3 and its subsections, > >>>> some of this is lost.>>>> > >>>> If you really intended to replace 3.3 and its subsections, it would > >>>> be worth adding "and its subsections" to the draft.>>> > >>> > >>> The draft says "updates", but you're saying "replaces". I don't see > >>> those as the same thing. What this document says is to my mind > >>> treated as an overlay, not a replacement; read RFC6376, then read > >>> this for current advice, then act.>> > >> > >> I assume you are replacing the whole sections. If this is not what > >> you are doing, the document is even less clear and need to be > >> clarified.>> > >> > >>> If it's better to say this updates a specific subsection, then > >>> that's also reasonable. I just thought what we have is sufficient.>> > >> > >> Yes, please be specific. I couldn't be certain which sections are > >> still in force and which were updated.> > > > > I propose this, replacing our document's current Section 4: > > > > 4. Update to DKIM Signing and Verification Algorithms > > > > Section 4.1 updates the text in [RFC6376] Section 3.3. > > > > > > > > Section 4.2 updates the first paragraph in [RFC6376] Section 3.3.3. > > I want some specific text about what happens to sections: > > 3.3.1. The rsa-sha1 Signing Algorithm > 3.3.2. The rsa-sha256 Signing Algorithm > 3.3.4. Other Algorithms > > e.g. "Sections 3.3.1, 3.3.2 and 3.3.4 are not affected" or similar. (Or > the correct disposition of these sections if what I suggested is > not correct. > > > 4.1. DKIM Signing and Verification Algorithms DKIM supports multiple > > > > digital signature algorithms. Two algorithms are defined by this > > specification at this time: rsa-sha1 and rsa- sha256. Signers > > MUST sign using rsa-sha256. Verifiers MUST be able to verify > > using rsa-sha256. rsa-sha1 MUST NOT be used for signing or > > verifying. DKIM signatures signed with historic algorithms > > (currently rsa-sha1) or with insufficient key sizes (currently > > rsa-sha256 with less than 1024 bits) have permanently failed > > evaluation as discussed in [RFC6376] Section 3.9[1]. 4.2. Key > > Sizes Selecting appropriate key sizes is a trade-off between > > cost, performance, and risk. Since short RSA keys more easily > > succumb to off-line attacks, Signers MUST use RSA keys of at > > least 1024 bits for all keys. Signers SHOULD use RSA keys of at > > least 2048 bits. Verifiers MUST be able to validate signatures > > with keys ranging from 1024 bits to 4096 bits, and they MAY be > > able to validate signatures with larger keys. Verifier policies > > can use the length of the signing key as one metric for > > determining whether a signature is acceptable. Verifiers MUST > > NOT consider signatures using RSA keys of less than 1024 bits as > > valid signatures. > > > > Alexey, would this suffice? -MSK > > Links: > > 1. https://tools.ietf.org/html/rfc6376#section-3.9 I added text about 3.3.1, 2, and 4. See the attached RFC diff. If that works for you, I'll submit -06 and (hopefully) we can call it done. Scott K
- [Dcrup] AD review of draft-ietf-dcrup-dkim-usage-… Alexey Melnikov
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Murray S. Kucherawy
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Alexey Melnikov
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Hector Santos
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Murray S. Kucherawy
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Martin Thomson
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Alexey Melnikov
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Murray S. Kucherawy
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Scott Kitterman
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Murray S. Kucherawy
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Alexey Melnikov
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Alexey Melnikov
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Scott Kitterman
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Scott Kitterman
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Alexey Melnikov
- Re: [Dcrup] AD review of draft-ietf-dcrup-dkim-us… Murray S. Kucherawy