
Re: [dkim-ops] key validation question

2011-04-08 17:50:53
-----Original Message-----
From: dkim-ops-bounces(_at_)mipassoc(_dot_)org 
[mailto:dkim-ops-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Paul Midgen
Sent: Friday, April 08, 2011 2:30 PM
To: dkim-ops(_at_)mipassoc(_dot_)org
Subject: [dkim-ops] key validation question

> 1. If the signer is using sha1, we have no way of knowing they
> implement sha256 regardless of whether they advertise it. They could
> lie.

I don't think there's any way to tell what a signer actually implements.  Two 
different keys could be constrained to different hashes each, and you wouldn't 
know the full scope of what's implemented by the signer because you don't know 
one key name given the other.

For example, foo._domainkey.example.com might say "h=sha1".  You don't know 
whether the signer can support SHA256 based on this; you only know that "foo" 
signatures aren't allowed to use it for some administrative reason.

For what it's worth, there's an erratum open against RFC4871 to correct Section 
3.3 about the default algorithm, since the description of "a=" says the value 
is required (so there can't be a default).  This will be fixed in the update to 
the RFC that is in progress.

> 2. DKIM is made no more or less secure by the inclusion of ":sha256;"
> in the key record, so frankly it seems kind of silly to insist on
> someone inserting it into their record just so they appear RFC
> compliant.

The use of "h=" is to enable rollover mechanisms when a hash is found to be 
insecure; one could immediately flag that the insecure hash is no longer valid 
for use by publishing a restricted "h=" and begin signing with the more secure 
hash, which would immediately invalidate the old signatures without requiring 
key rotation.  Until that happens, I agree that application of "h=" seems 
largely unimportant.

> So: do I relax the key validation routine or stay true to the written
> word?

I (and thus OpenDKIM) would stick to the rules, but that's just me.  They seem 
pretty easy to follow.

-MSK

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops
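As an added illustration of the key-validation rule discussed in this thread (example code written for this page, not OpenDKIM's own), here is a verifier-side check that the hash named in a signature's "a=" tag is permitted by the key record's "h=" list, with a missing "h=" meaning every hash is acceptable; the main block shows the rollover case, where republishing the same key with "h=sha256" invalidates existing rsa-sha1 signatures without rotating the key. All key records and signature headers below are constructed samples with placeholder "p=", "bh=" and "b=" values.

```python
from typing import Dict

# Constructed sample records (not from any real zone or message); the p= value
# is a placeholder, since this check never touches the public key itself.
KEY_SHA1_ONLY = "v=DKIM1; k=rsa; h=sha1; p=PLACEHOLDER_BASE64_KEY"
KEY_SHA256_ONLY = "v=DKIM1; k=rsa; h=sha256; p=PLACEHOLDER_BASE64_KEY"
KEY_NO_H = "v=DKIM1; k=rsa; p=PLACEHOLDER_BASE64_KEY"
SIG_SHA1 = "v=1; a=rsa-sha1; d=example.com; s=foo; bh=PLACEHOLDER; b=PLACEHOLDER"
SIG_SHA256 = "v=1; a=rsa-sha256; d=example.com; s=foo; bh=PLACEHOLDER; b=PLACEHOLDER"


def parse_tags(record: str) -> Dict[str, str]:
    """Split a DKIM tag=value list (key record or DKIM-Signature value) into a dict."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        # folding whitespace inside a value is not significant (RFC 4871 3.2)
        tags[name.strip()] = "".join(value.split())
    return tags


def check_key_for_signature(key_record: str, sig_header: str) -> str:
    """Return "OK" or a PERMFAIL reason for the key/signature hash pairing."""
    key = parse_tags(key_record)
    sig = parse_tags(sig_header)
    if key.get("v", "DKIM1") != "DKIM1":
        return "PERMFAIL: unsupported key record version"
    # a= is REQUIRED in the signature, so there is no default to fall back on
    key_type, _, hash_alg = sig.get("a", "").partition("-")
    if not key_type or not hash_alg:
        return "PERMFAIL: signature a= tag missing or malformed"
    if key.get("k", "rsa") != key_type:
        return "PERMFAIL: key type does not match the signature algorithm"
    # h= is OPTIONAL; when absent, every hash algorithm is acceptable
    if "h" in key:
        allowed = set(key["h"].split(":"))
        if hash_alg not in allowed:
            return f"PERMFAIL: inappropriate hash algorithm {hash_alg} (key allows {sorted(allowed)})"
    return "OK"


if __name__ == "__main__":
    # rollover: the signer republishes the same key with h=sha256 and starts
    # signing with rsa-sha256; old rsa-sha1 signatures fail, new ones verify
    print(check_key_for_signature(KEY_SHA256_ONLY, SIG_SHA1))
    print(check_key_for_signature(KEY_SHA256_ONLY, SIG_SHA256))
```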