[dispatch] Proposed charter for DCRUP v0.3
"John R Levine" <johnl@taugh.com> Fri, 07 April 2017 16:36 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/m0salTJ8PdlME6A_jXZecOHzh8U>
One last twiddle, make it clear we can deprecate obsolete signing algorithms. I have in mind SHA-1 and RSA-512.

Assuming people are happy with this, what's the next step?

R's,
John

-----------

The DKIM Crypto Update (DCRUP) working group is chartered to update DKIM to handle more modern cryptographic algorithms and key sizes.

DKIM (RFC 6376) signatures include a tag that identifies the hash algorithm and signing algorithm used in the signature. The only current algorithm is RSA, with advice that signing keys should be between 1024 and 2048 bits. While 1024 bit signatures are common, longer signatures are not because bugs in DNS provisioning software prevent publishing longer keys as DNS TXT records.

DCRUP will consider three types of changes to DKIM: additional signing algorithms such as those based on elliptic curves, changes to key strength advice and requirements including deprecating obsolete algorithms, and new public key forms, such as putting the public key in the signature and a hash of the key in the DNS. It will limit itself to existing implemented algorithms and key forms.

Other changes to DKIM, such as new message canonicalization schemes, are out of scope. The WG will as far as possible avoid changes incompatible with deployed DKIM signers and verifiers.
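
An added example, not part of the original message or of any DKIM implementation: a receiver-side audit that reads the `a=` tag of a DKIM-Signature value and the `p=` key from the signer's DNS TXT record, then flags the two cases the message names, SHA-1 and RSA-512. The function names, the 1024-bit floor, and the sample records (valid DER layout, placeholder modulus, `example.com` selectors) are assumptions constructed for illustration.

```python
import base64

WEAK_HASHES = {"sha1"}  # the message names SHA-1 as obsolete
MIN_RSA_BITS = 1024     # assumed floor: low end of the 1024-2048 advice; catches RSA-512

def parse_tags(value):
    """Split a DKIM tag=value list into a dict, dropping folding whitespace."""
    pairs = (item.split("=", 1) for item in value.split(";") if "=" in item)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def tlv(buf, pos):
    """Read one DER element at pos; return (tag, content_start, content_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def rsa_bits(p_b64):
    """Modulus size of the RSA key in a p= tag (SubjectPublicKeyInfo or bare RSAPublicKey)."""
    der = base64.b64decode(p_b64)
    _, pos, _ = tlv(der, 0)               # outer SEQUENCE
    tag, start, end = tlv(der, pos)
    if tag == 0x30:                       # AlgorithmIdentifier, so this is SubjectPublicKeyInfo
        _, bits, _ = tlv(der, end)        # BIT STRING wrapping RSAPublicKey
        _, pos, _ = tlv(der, bits + 1)    # skip unused-bits octet, enter inner SEQUENCE
        _, start, end = tlv(der, pos)     # modulus INTEGER
    return int.from_bytes(der[start:end], "big").bit_length()

def audit(signature, key_record):
    """Return findings for one DKIM-Signature value and its DNS key record."""
    sig, key = parse_tags(signature), parse_tags(key_record)
    sign_alg, _, hash_alg = sig.get("a", "").partition("-")
    findings = [f"obsolete hash {hash_alg}"] if hash_alg in WEAK_HASHES else []
    if sign_alg == "rsa" and key.get("p"):  # empty p= means a revoked key
        bits = rsa_bits(key["p"])
        if bits < MIN_RSA_BITS:
            findings.append(f"RSA key too short ({bits} bits)")
    return findings

def constructed_p(prefix_hex, mod_len):
    """Constructed sample p= value: real DER framing, placeholder modulus (not a usable key)."""
    der = bytes.fromhex(prefix_hex) + b"\xc3" + bytes(mod_len - 2) + b"\x01" + bytes.fromhex("0203010001")
    return base64.b64encode(der).decode()

P512 = constructed_p("305c300d06092a864886f70d0101010500034b003048024100", 64)
P1024 = constructed_p("30819f300d06092a864886f70d010101050003818d0030818902818100", 128)

if __name__ == "__main__":
    print(audit("v=1; a=rsa-sha1; d=example.com; s=old", "v=DKIM1; k=rsa; p=" + P512))
    print(audit("v=1; a=rsa-sha256; d=example.com; s=new", "v=DKIM1; k=rsa; p=" + P1024))
```

The audit only inspects algorithm and key size; it does not verify the signature itself.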