[dispatch] Proposed charter for DCRUP

"John R Levine" <johnl@taugh.com> Mon, 27 March 2017 16:57 UTC

Date: Mon, 27 Mar 2017 11:57:20 -0500
Message-ID: <alpine.OSX.2.20.1703271129060.7578@dhcp-80f1.meeting.ietf.org>
From: John R Levine <johnl@taugh.com>
To: DISPATCH list <dispatch@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/paINrBH9RhelTNmkObZ6GebLKaE>
Subject: [dispatch] Proposed charter for DCRUP

The DKIM Crypto Update (DCRUP) working group is chartered to modify 
DKIM to handle more modern cryptographic algorithms and key sizes. DKIM 
(RFC 6376) signatures include a tag that identifies the hash algorithm and 
signing algorithm used in the signature. The only current algorithm is 
RSA, with advice that signing keys should be between 1024 and 2048 bits. 
While 1024 bit signatures are common, longer signatures are not because 
bugs in DNS provisioning software prevent publishing longer keys as DNS 
TXT records.

DCRUP will consider two types of changes to DKIM: additional signing 
algorithms such as those based on elliptic curves, and new public key 
forms, such as putting the public key in the signature and a hash of the 
key in the DNS.  It will limit itself to existing implemented algorithms 
and key forms. Other changes to DKIM, such as new message canonicalization 
schemes, are out of scope.

The WG's output will be an update to DKIM describing the changes to DKIM 
signatures to represent new algorithms or key representations, and to DNS 
TXT records containing public key information.

Milestones:

* Adopt draft for new algorithms and key forms

* WG last call

* Ship it

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly