[dispatch] Proposed charter for DCRUP v0.2

"John R Levine" <johnl@taugh.com> Thu, 30 March 2017 19:37 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/TuOa_oTfIHKLyevbudE0jbDJc3M>

A few minor changes per recent suggestions: modify -> update, allow
deprecation of 512 bit RSA keys, don't be incompatible.

R's,
John

-----------

The DKIM Crypto Update (DCRUP) working group is chartered to update
DKIM to handle more modern cryptographic algorithms and key sizes. DKIM
(RFC 6376) signatures include a tag that identifies the hash algorithm and
signing algorithm used in the signature. The only current algorithm is RSA,
with advice that signing keys should be between 1024 and 2048 bits. While
1024 bit signatures are common, longer signatures are not because bugs in
DNS provisioning software prevent publishing longer keys as DNS TXT records.

DCRUP will consider three types of changes to DKIM: additional signing
algorithms such as those based on elliptic curves, changes to key
strength advice and requirements, and new public key forms, such as
putting the public key in the signature and a hash of the key in the
DNS.  It will limit itself to existing implemented algorithms and key
forms. Other changes to DKIM, such as new message canonicalization
schemes, are out of scope.  The WG will as far as possible avoid
changes incompatible with deployed DKIM signers and verifiers.
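
Added example, not part of the original message or of any DKIM implementation: a small auditor that reads the `a=` tag of a signature, measures the RSA modulus in the key record's `p=` tag, checks it against the 1024 to 2048 bit advice quoted in the charter, and counts how many DNS TXT character-strings (255 octets each) the record needs. The sample signature header and key records are constructed; the modulus is a placeholder, not a real key, and `example.com` and `sel1` are made-up names.

```python
import base64

def parse_tags(value):
    """Parse a DKIM tag=value list (RFC 6376 section 3.2) into a dict."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def _tlv(buf, pos):
    """Read one DER element at pos; return (content, next_pos)."""
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return buf[pos:pos + length], pos + length

def rsa_bits(spki):
    """Modulus size in bits of a DER RSA SubjectPublicKeyInfo."""
    seq, _ = _tlv(spki, 0)            # outer SEQUENCE
    _, pos = _tlv(seq, 0)             # AlgorithmIdentifier, skipped
    bitstr, _ = _tlv(seq, pos)        # BIT STRING wrapping RSAPublicKey
    rsakey, _ = _tlv(bitstr, 1)       # skip the unused-bits octet
    modulus, _ = _tlv(rsakey, 0)      # first INTEGER is the modulus n
    return int.from_bytes(modulus, "big").bit_length()

def audit(sig_header, key_record):
    """Report algorithm, key size and TXT layout for one signature/key pair."""
    sig, key = parse_tags(sig_header), parse_tags(key_record)
    signing, _, hashing = sig.get("a", "").partition("-")
    bits = rsa_bits(base64.b64decode(key["p"]))
    return {"signing": signing, "hash": hashing, "bits": bits,
            "within_advice": 1024 <= bits <= 2048,
            # one DNS TXT character-string holds at most 255 octets
            "txt_strings": -(-len(key_record) // 255)}

def _der(tag, body):
    """Encode one DER element (only used to build the constructed samples)."""
    n = len(body)
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(size)]) + size) + body

def sample_record(bits):
    """Constructed key record with a placeholder modulus; not a real key."""
    n = (1 << (bits - 1)) | 1
    ints = _der(2, b"\x00" + n.to_bytes(bits // 8, "big")) + _der(2, b"\x01\x00\x01")
    algid = _der(0x30, _der(6, bytes.fromhex("2a864886f70d010101")) + _der(5, b""))
    spki = _der(0x30, algid + _der(3, b"\x00" + _der(0x30, ints)))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

# Constructed signature header; bh= and b= are placeholders.
SAMPLE_SIG = "v=1; a=rsa-sha256; c=simple; d=example.com; s=sel1; bh=...; b=..."
```

Calling `audit(SAMPLE_SIG, sample_record(2048))` shows the 2048-bit record no longer fits in a single TXT string, while the 512-bit and 1024-bit records do.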