Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Steffen Nurpmeso <steffen@sdaoden.eu> Wed, 06 March 2024 22:59 UTC

Date: Wed, 06 Mar 2024 23:59:08 +0100
Author: Steffen Nurpmeso <steffen@sdaoden.eu>
From: Steffen Nurpmeso <steffen@sdaoden.eu>
To: Scott Kitterman <ietf-dkim@kitterman.com>
Cc: ietf-dkim@ietf.org
Message-ID: <20240306225908.BYCs2NXy@steffen%sdaoden.eu>
In-Reply-To: <20240306224151.r4D7UEwr@steffen%sdaoden.eu>
References: <20240306215650.uXHHYo2j@steffen%sdaoden.eu> <C9EF0654-C410-46DC-B9A7-716E3ECA0B4E@kitterman.com> <20240306224151.r4D7UEwr@steffen%sdaoden.eu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/_TLw6GFSlGn-Gq1-q6Lesg7p5fQ>
Subject: Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Steffen Nurpmeso wrote in
 <20240306224151.r4D7UEwr@steffen%sdaoden.eu>:
 |Scott Kitterman wrote in
 | <C9EF0654-C410-46DC-B9A7-716E3ECA0B4E@kitterman.com>:
 ||On March 6, 2024 9:56:50 PM UTC, Steffen Nurpmeso <steffen@sdaoden.eu> \
 ||wrote:
 ...
 ||>So now that i have DKIM myself i tested.
 ||>And *no* verification software i can reach actually supports
 ||>Ed25519-sha256 as of RFC 8463 from September 2018!
 ||
 ||In addition to my dkimpy-milter, Exim supports it and believe opendkim \
 ...
 ||This isn't horrible.  The main reason for RFC 8463 was, in my view, \
 ||as a hedge for some discovery that suddenly made RSA obsolete, which \
 ||hasn't happened yet.  From a standards perspective, it is there if needed.
 |
 |It greatly reduces the size of the headers, too.  And of the DNS
 |entries, and the DNS traffic as such, in UDP.
 |
 |I would speak contra and say it is a terrible picture.
 |And one mail i would have written right now in the queue.

One more contra, please.
In the software i have just written, the required code snippet to
support RFC 8463 is in one conditional OR.
In fact i am quite happy to contra, and hope at least one OpenSSL
person reads it, because i complained about this interface a month
ago i think.

    /* Unfortunately there is no easily accessible property that tells us which codepath to take */
    EVP_MD_CTX_reset(mdcp->mdc_md_ctx);
    if(!EVP_DigestSignInit(mdcp->mdc_md_ctx, NIL, mdcp->mdc_md->md_md, NIL, kp->k_key) &&

^ This is RSA.

                    !EVP_DigestSignInit(mdcp->mdc_md_ctx, NIL, NIL, NIL, kp->k_key)){

^ This is Ed25519.
Unfortunately nothing but brute force trials are possible to
detect which code path to take.  (It is worse actually, as i said
on the openssl-users list by quoting an OpenSSL commit message,
there is now a door open to make this way of doing things
impossible, and who knows whether they will go through it or not.)

Yet another reason to cheer RFC 6376 for this to be possible.
I.e., the possibly lengthy body with a stream-enabled digest, and
the cryptographic signature, that possibly is not stream-capable,
but requires one-shot signing, only for the header!
RFC 6376 is fantastic.  (Except for LF + CR.)

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
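
Added example, not part of the original message and not the poster's code: a Python (standard library only) sketch of the split the message praises in RFC 6376, where the body is hashed as a stream into bh= and only the short header block reaches the one-shot signing call. The names RelaxedBodyHasher, header_sign_input, body_hash and SAMPLE_BODY are hypothetical, the sample body is constructed, and no signature is computed here.

```python
import base64
import hashlib
import re

_WSP_RUN = re.compile(rb"[ \t]+")

class RelaxedBodyHasher:
    """Streamed bh= value: RFC 6376 'relaxed' body canonicalization into SHA-256."""

    def __init__(self):
        self._md = hashlib.sha256()
        self._partial = b""      # tail of a line whose CRLF has not arrived yet
        self._pending_empty = 0  # empty lines held back; dropped if they end the body

    def _line(self, line):
        line = _WSP_RUN.sub(b" ", line).rstrip(b" ")
        if not line:
            self._pending_empty += 1
            return
        self._md.update(b"\r\n" * self._pending_empty + line + b"\r\n")
        self._pending_empty = 0

    def update(self, chunk):
        *lines, self._partial = (self._partial + chunk).split(b"\r\n")
        for line in lines:
            self._line(line)

    def bh(self):
        if self._partial:        # final line without CRLF: canonical form adds one
            self._line(self._partial)
            self._partial = b""
        return base64.b64encode(self._md.digest()).decode("ascii")

def header_sign_input(algorithm, canon_headers):
    """Bytes handed to the one-shot signing call for the (short) header block."""
    if algorithm == "ed25519-sha256":
        # RFC 8463: PureEdDSA signs the 32-byte SHA-256 digest of the header data.
        return hashlib.sha256(canon_headers).digest()
    if algorithm == "rsa-sha256":
        # Digest-sign APIs hash the header data themselves for RSA.
        return canon_headers
    raise ValueError("unsupported a= value: " + algorithm)

def body_hash(chunks):
    hasher = RelaxedBodyHasher()
    for chunk in chunks:
        hasher.update(chunk)
    return hasher.bh()

# Constructed sample body, not taken from the message above.
SAMPLE_BODY = b"Hello \t world  \r\n\r\nbye\r\n\r\n\r\n"
```

The body can be fed in chunks of any size, including chunks that split a CRLF, and yields the same bh= value as hashing it whole.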