Re: [dispatch] Updating DKIM for stronger crypto

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 21 March 2017 14:33 UTC


On 21/03/17 14:05, John R Levine wrote:
> 
> If someone wanted to write something about key lifetimes with a way to
> poison keys by publishing them, that would be OK with me but I wouldn't
> want to put it into the DKIM spec.  Currently it offers no advice on key
> rotation beyond noting that it's possible, and no useful advice on key
> sizes.

Fully agree - were this to be done it ought be in its
own document. Personally, I'd be willing to help with it,
but only if someone was likely to use it. (And so far,
nobody is afaik.)

S.