Return-Path: <peter@valimail.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id BFCEA129B4F
 for <dcrup@ietfa.amsl.com>; Mon, 12 Jun 2017 23:41:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.018
X-Spam-Level: 
X-Spam-Status: No, score=-1.018 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
 DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001]
 autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
 header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Fdx1EwJpA_Zc for <dcrup@ietfa.amsl.com>;
 Mon, 12 Jun 2017 23:41:23 -0700 (PDT)
Received: from mail-qt0-x22a.google.com (mail-qt0-x22a.google.com
 [IPv6:2607:f8b0:400d:c0d::22a])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id 1C671129571
 for <dcrup@ietf.org>; Mon, 12 Jun 2017 23:41:23 -0700 (PDT)
Received: by mail-qt0-x22a.google.com with SMTP id w1so157324308qtg.2
 for <dcrup@ietf.org>; Mon, 12 Jun 2017 23:41:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=valimail.com; s=google2048;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
 bh=C7bt7UuNEw4I9ShYY4ZRMRphkRwPf6lwcECtGQHQnd8=;
X-Received: by 10.55.138.71 with SMTP id m68mr48718935qkd.192.1497336082037;
 Mon, 12 Jun 2017 23:41:22 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.175.165 with HTTP; Mon, 12 Jun 2017 23:41:21 -0700 (PDT)
In-Reply-To: <m3wp8gpx20.fsf@carbon.jhcloos.org>
References: <m38tkw53bd.fsf@carbon.jhcloos.org>
 <CABa8R6s6rzc+Ky8sLWcK7NtforSksEhNRkWVeF=k1v8GC80knw@mail.gmail.com>
 <m3wp8gpx20.fsf@carbon.jhcloos.org>
From: Peter Goldstein <peter@valimail.com>
Date: Mon, 12 Jun 2017 23:41:21 -0700
Message-ID: <CAOj=BA2O+Hf2VGOtbmnqY2M5J9u8uJ7wm7SxEW551SXBwDdanw@mail.gmail.com>
To: dcrup@ietf.org
Content-Type: multipart/alternative; boundary="94eb2c0767ee47ed0c0551d1b9f3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/zC1ssVzwVJ3fFX5cfZ3xxviHeyg>
Subject: Re: [Dcrup] rsa-sha1 usage
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>,
 <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>,
 <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jun 2017 06:41:26 -0000

--94eb2c0767ee47ed0c0551d1b9f3
Content-Type: text/plain; charset="UTF-8"

When looking at the global usage of SHA-1, it's important to note that
several of the largest email service providers still use rsa-sha1
signatures.  I don't necessarily want to call out any companies on this
list, but there are at least 3 large ESPs that in aggregate send billions
of messages per day that are DKIM signed with rsa-sha1 (and only rsa-sha1).

Getting this small number of ESPs to change to rsa-sha256 will fix this
problem for email sent from a very large number of domains.  On the
referenced corpus I'm pretty sure it would address both the d=github.com
and d=travis-ci.org signed messages.  And I suspect it would represent a
much larger fraction of rsa-sha1 signed email in the average email user's
inbox.

One of the valuable services that DCRUP can provide is demonstrating to
these ESPs that SHA-1 support is actively being deprecated, and that they
will need to make the shift to rsa-sha256 to ensure future deliverability.
It's M3AAWG this week, and I'm planning on having that conversation with
several folks from companies that are using rsa-sha1, to encourage them to
make the change sooner rather than later.

Similarly, I'd suggest that participants in mailing lists that are signing
with rsa-sha1 reach out to the mailing list administrators and encourage
them to make this change.

Best,

Peter

On Mon, Jun 12, 2017 at 5:10 PM, James Cloos <cloos@jhcloos.com> wrote:

> >>>>> "BL" == Brandon Long <blong@google.com> writes:
>
> BL> It would be good to know where the source is
>
> When calculating those, I grep(1)ed for /^DKIM-Signature:/.
>
> 195704 sha1 dkims which had their d= on that line.  The result of:
>
> :; grep sha1 dkim-lines|tr \  \\n|grep ^d=|sort|uniq -c|sort -nr|head
>
> is:
>
>   55567 d=gcc.gnu.org;
>   46147 d=github.com;
>   32100 d=sendgrid.me;
>   28126 d=sourceware.org;
>    6865 d=
>    4560 d=listbox.com;
>    1980 d=pobox.com;
>     922 d=zx2c4.com;
>     891 d=itsqueeze.com;
>     661 d=travis-ci.org;
>
> The gcc.gnu.org ones are from the mailing lists @gcc.gnu.org, including
> the automated ones like gcc-testresults and gcc-bugs.
>
> For github, roughly half were a=rsa-sha1 and half a=rsa-sha256.
> I found a sha2 example from 2017/02/14 and a sha1 from 2017/02/15.
> The sha1 included a Received line referencing sendgrid between the
> ones referencing github itself.
>
> Getting those top four fixed would reduce significantly the sha1 cases.
>
> In all, there were 4217 distinct d= lines in the a=rsa-sha1 subset.
>
> But, again, the counts ignored cases where the a= and/or d= were not on
> the first line of the DKIM-Signature: header.
>
> -JimC
> --
> James Cloos <cloos@jhcloos.com>         OpenPGP: 0x997A9F17ED7DAEA6
>
> _______________________________________________
> Dcrup mailing list
> Dcrup@ietf.org
> https://www.ietf.org/mailman/listinfo/dcrup
>
-- 
Bringing Trust to Email

Peter Goldstein | CTO & Co-Founder

peter@valimail.com
+1.415.793.5783
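An added example, not part of the message above or of the dcrup thread: a small Python counter that unfolds DKIM-Signature headers before reading the a= and d= tags, so the folded-header case James flags (a= or d= not on the first physical line) is counted, run beside a replica of the first-line grep on a constructed corpus. The signers esp-a.example and esp-b.example are made up for the example.

```python
import email
import re
from collections import Counter

def parse_dkim_tags(value):
    """DKIM-Signature tag=value list (RFC 6376 s.3.2) -> dict; folding whitespace is dropped."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            tag, val = part.split("=", 1)
            tags.setdefault(tag.strip().lower(), re.sub(r"\s+", "", val))
    return tags

def count_signers(raw_messages):
    """(a=, d=) counts via a real header parser, so tags on continuation lines are seen."""
    counts = Counter()
    for raw in raw_messages:
        for sig in email.message_from_string(raw).get_all("DKIM-Signature", []):
            tags = parse_dkim_tags(sig)
            counts[(tags.get("a", "?"), tags.get("d", "?"))] += 1
    return counts

def first_line_grep_counts(raw_messages):
    """The thread's line-oriented method: only the physical line that starts the
    header is examined, kept if it mentions sha1, and its d= tokens counted."""
    counts = Counter()
    for raw in raw_messages:
        for line in raw.splitlines():
            if line.startswith("DKIM-Signature:") and "sha1" in line:
                for tok in line.split():
                    if tok.startswith("d="):
                        counts[tok[2:].rstrip(";")] += 1
    return counts

# Constructed sample corpus: hypothetical signers, not real traffic.
SAMPLE_CORPUS = [
    # tags on the first physical line: the grep sees this one
    "DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=esp-a.example;\n"
    " s=sel; h=from:to; bh=AAAA; b=BBBB\nFrom: a@esp-a.example\n\nbody\n",
    # a= and d= folded onto continuation lines: the grep skips this one
    "DKIM-Signature: v=1; c=relaxed/simple;\n a=rsa-sha1;\n d=esp-b.example;\n"
    " s=sel; h=from:to; bh=CCCC; b=DDDD\nFrom: b@esp-b.example\n\nbody\n",
    # signer already migrated to rsa-sha256
    "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=esp-a.example;\n"
    " s=sel2; h=from:to; bh=EEEE; b=FFFF\nFrom: c@esp-a.example\n\nbody\n",
]
```

On this corpus the first-line grep reports one rsa-sha1 signer while the parser finds two, which is the undercount James describes; feeding both functions messages split out of an mbox gives the real gap.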


--94eb2c0767ee47ed0c0551d1b9f3--

