ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] Core algorithm support/use, draft text v2

2006-02-27 09:15:20
from [Hallam-Baker, Phillip] [Permanent Link] 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Dave Crocker



So double signing gives compatibility without better 
strength, but with lots 
more overhead.  In other words, I do not see the upside of 
the double signature.


With SHA1/256 I absolutely agree. A second sig adds no value at all.
Particularly since RSA1024 is weaker than SHA1.

When we start introducing the replacement signature algorithm which will
at the very least entail the use of a digest algorithm that is currently
unknown and quite likely an unknown signature algorithm the use of
double signatures is the only way to realistically deploy the system.


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [ietf-dkim] Core algorithm support/use, draft text v2, Hallam-Baker, Phillip
Next by Date:  RE: [ietf-dkim] Threats Issue - Large DNS records make servers targets for spoofed source amplification attacks abuse, william(at)elan.net
Previous by Thread:  Re: [ietf-dkim] Core algorithm support/use, draft text v2, Scott Kitterman
Next by Thread:  RE: [ietf-dkim] Core algorithm support/use, draft text v2, Hallam-Baker, Phillip
Indexes:  [Date] [Thread] [Top] [All Lists]