[ietf-dkim] draft-ietf-dkim-threats-02 nit//Permitted and preferred algorithms.
Douglas Otis <dotis@mail-abuse.org> Thu, 06 April 2006 19:21 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FRa3F-0007B9-6p for ietf-dkim-archive@lists.ietf.org; Thu, 06 Apr 2006 15:21:53 -0400
Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FRa3D-00046t-RZ for ietf-dkim-archive@lists.ietf.org; Thu, 06 Apr 2006 15:21:53 -0400
Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k36J3HWj026151; Thu, 6 Apr 2006 12:03:18 -0700
Received: from a.mail.sonic.net (a.mail.sonic.net [64.142.16.245]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k36J3EeT026135 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ietf-dkim@mipassoc.org>; Thu, 6 Apr 2006 12:03:14 -0700
Received: from [168.61.10.151] (SJC-Office-DHCP-151.Mail-Abuse.ORG [168.61.10.151]) (authenticated bits=0) by a.mail.sonic.net (8.13.6/8.13.3) with ESMTP id k36J2GBB016181 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for <ietf-dkim@mipassoc.org>; Thu, 6 Apr 2006 12:02:39 -0700
Mime-Version: 1.0 (Apple Message framework v749.3)
Content-Transfer-Encoding: 7bit
Message-Id: <57DB790B-C4AF-4A30-846F-36BA3A07A356@mail-abuse.org>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
To: IETF-DKIM <ietf-dkim@mipassoc.org>
From: Douglas Otis <dotis@mail-abuse.org>
Date: Thu, 06 Apr 2006 12:03:00 -0700
X-Mailer: Apple Mail (2.749.3)
X-Songbird: Clean, Clean
Subject: [ietf-dkim] draft-ietf-dkim-threats-02 nit//Permitted and preferred algorithms.
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Sender: ietf-dkim-bounces@mipassoc.org
Errors-To: ietf-dkim-bounces@mipassoc.org
X-SongbirdInformation: support@songbird.com for more information
X-Songbird-From: ietf-dkim-bounces@mipassoc.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d
,--- | 4.1.14. Cryptographic Weaknesses in Signature Generation | | The message signature system must be designed to support multiple | signature and hash algorithms, and the signing domain must be able to | specify which algorithms it uses to sign messages. The choice of | algorithms must be published in key records, rather than in the | signature itself, to ensure that an attacker is not able to create | signatures using algorithms weaker than the domain wishes to permit. '___ This leaves out the "bid-down" concern. Change to: : The message signature system must be designed to support multiple : signature and hash algorithms, and the signing domain must be able to : specify which algorithms it uses to sign messages. The choice of : algorithms as well as the preferred algorithm offered when multiple : signatures are added to a message must be published in key records, : rather than in the just the signature itself, to ensure that an : attacker is not able to create signatures using algorithms weaker than : the domain prefers or wishes to permit. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
- [ietf-dkim] draft-ietf-dkim-threats-02 nit//Permi… Douglas Otis
- Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//P… Stephen Farrell
- Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//[… Douglas Otis
- Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//[… Stephen Farrell
- Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//[… Douglas Otis
- Re: [ietf-dkim] draft-ietf-dkim-threats-02 nit//[… Stephen Farrell