On 04/08/2011 03:17 PM, Murray S. Kucherawy wrote:
-----Original Message-----
From: dkim-ops-bounces(_at_)mipassoc(_dot_)org
[mailto:dkim-ops-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Paul Midgen
Sent: Friday, April 08, 2011 2:30 PM
To: dkim-ops(_at_)mipassoc(_dot_)org
Subject: [dkim-ops] key validation question
1. If the signer is using sha1, we have no way of knowing they
implement sha256 regardless of whether they advertise it. They could
lie.
I don't think there's any way to tell what a signer actually implements. Two
different keys could be constrained to different hashes each, and you
wouldn't know the full scope of what's implemented by the signer because you
don't know one key name given the other.
My own interpretation is that there is a difference between "implements"
and "uses" (or "signs"). Implements here means that in order for an
implementation to be RFC 4871 compliant, the signer must have the option
of specifying SHA256. The concern was that if SHA1 was thoroughly
broken (it has been teetering on the edge), that the signer would have
the ability to switch to SHA256 without getting a new release of
software or something.
I don't think it's the verifier's job to police the implementation that
the signer is using to make sure it implements SHA256.
But since you have interpreted it differently, the spec isn't clear
enough, as Murray points out.
-Jim
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops