ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] The key record upgrade attack

2006-08-04 10:32:14
from [Paul Hoffman] [Permanent Link] 
At 10:04 AM -0700 8/4/06, Hallam-Baker, Phillip wrote:

Fortunately there is no conflict here.
If you consider RSA1024 secure and you find a valid RSA1024 signature on the message then you are done.
If on the other hand you only find an RSA1024 signature and you have reason to consider RSA1024 less than satisfactory you MAY decide to take a look at the policy record to see if there should also be a signature that offers stronger semantics. 

That's not what Doug said. He said:

 > >During a transition, it would be important to communicate

 what will be
 >offered and what has been deprecated.  Then these options MUST be
 >available or the related signatures MUST be ignored.


I specifically object to the last three words.
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] A more fundamental SSP axiom, Hector Santos
Next by Date:  Re: [ietf-dkim] A more fundamental SSP axiom, John L
Previous by Thread:  RE: [ietf-dkim] The key record upgrade attack, Hallam-Baker, Phillip
Next by Thread:  RE: [ietf-dkim] The key record upgrade attack, Hallam-Baker, Phillip
Indexes:  [Date] [Thread] [Top] [All Lists]