[Gen-art] Gen-ART review of draft-delany-domainkeys-base-05.txt

Black_David@emc.com Wed, 19 July 2006 12:37 UTC

From: Black_David@emc.com
To: gen-art@ietf.org, markd+domainkeys@yahoo-inc.com
Date: Wed, 19 Jul 2006 08:36:40 -0400
Cc: housley@vigilsec.com, Black_David@emc.com

I am the assigned Gen-ART reviewer for draft-delany-domainkeys-base-05.txt.
For background on Gen-ART, please see the FAQ at
<http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html>.

Please wait for direction from your document shepherd
or AD before posting a new version of the draft.

This draft is basically ready for publication, but has nits
that should be fixed before publication.

The draft is generally well written, and contains good
explanations of the design rationale, which is important
to describe for this sort of document. 

I found two important issues that really need IESG attention,
and a number of less important issues.

(1) The IESG should replace the "Purpose of Submission" paragraph on
p.2 with a "Purpose of Publication" paragraph explaining:
- Why this draft is being published
- Why it is being published as Historic
- Where implementers should look for specifications that the
	IESG/IETF recommend for implementation.

(2) Some of the public key lengths used are surprisingly short by
comparison to current practice in other areas, e.g., 512-bit RSA
keys are allowed.  The only explanation I see for this is in
section 3.2.4, which lists a couple of reasons why larger keys
are harder to implement (space and time costs), and then says:

    o Keys can be replaced on a regular basis, thus their lifetime can
      be relatively short

    o The security goals of this specification are modest compared to
      typical goals of public key systems

Both bullets need more explanation that should at least answer:
	- How and why are the security goals modest?
	- What are typical goals of public key systems?
	- Given these, what are reasonable key lifetimes for
		some of the shorter key lengths?
The IESG may want to add a cautionary note specifically warning
designers away from the key lengths used in this draft in the absence
of careful analysis of level of threat, and the resulting key lifetimes.

-- Less important issues

Section 3.4.1 should recommend or reference a maximum line length that
will avoid issues with long lines.

Section 3.4.2.2 - Are "folding white space characters" removed from
anywhere in a line, or only at its beginning?

The use of "lifetime" in section 3.7 is potentially ambiguous, as there
are two factors involved here:
- How long a signer continues to use a key.
- How long a key record needs to remain in the DNS after the last time
	it has been used to sign an email.
This ought to be clarified - the primary concern in Section 3.7 appears
to be the latter.

Section 3.7.3 specifies a static policy of always preferring the earliest
signature.  I can envision mailing list examples, where the signature
of the mailing list MTA verifying that this was indeed sent to the
mailing list in question is more important than the signature of the
sender.  This could use some discussion.

Section 3.8 - the disconnect between the verifier and the MUA is
unfortunate.  Removal of the "good" status is a double-edged sword -
one thing that could be done here is to have the verifier sign the
combination of the verified signature, the good status, and verifier
information.  The MUA can then validate the verification.  This sort
of possibility might be useful to discuss as a future opportunity
to improve on this disconnect.

Section 5.1 on the X.509 header should say something about what
(if anything) was implemented.

Thanks,
--David
----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------
