
Re: [ietf-dkim] New Issue: Base: Upgrade indication and protection against downgrade attacks

2006-02-15 17:53:58


Mark Delany wrote:
On Wed, Feb 15, 2006 at 08:08:37PM +0000, Stephen Farrell allegedly wrote:

also valid. However, sha-1 has been *seriously* weakened: 2^63 is a
...
And regardless of whether hash-collision based attacks are actually
...
I'm not saying that the "MUST sha-256" argument is compelling, but

Can we separate this discussion into another thread please?

I was wanting to solely discuss mechanisms in this thread.

Fair enough, but the problem is that the suggested scheme seems to
be vulnerable if the less desirable hash algs are broken for collisions.
That's exactly the problem seen with current hash functions.

The signer might mark the rsa-md5 signature with "U=crap-alg" but the
attacker can happily generate a colliding message with no "U=" at all.

Is the scheme still worthwhile if that's the case? Or, have I
misinterpreted your scheme?

S.
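As an added model of the objection above (example code of mine, not from the thread, from the proposal, or from any DKIM implementation): a 16-bit truncated hash stands in for a collision-weak algorithm, full SHA-256 for a strong one, and HMAC under a fixed key for RSA signing, all constructed; the verifier that ignores the U= marker and trusts only algorithms of its own choosing is my assumption, not something the thread proposes.

```python
import hashlib
import hmac

# Constructed toy primitives: a 16-bit truncated hash stands in for a collision-weak
# algorithm, full SHA-256 for a strong one, and HMAC under a fixed key for RSA signing.
HASHES = {"weak": lambda d: hashlib.sha256(d).digest()[:2],
          "strong": lambda d: hashlib.sha256(d).digest()}
KEY = b"signer-key"

def canon(sig, body):
    # Signed input: every tag except b= (so a U= marker is covered by the signature), then the body.
    hdr = "; ".join(f"{k}={v}" for k, v in sorted(sig.items()) if k != "b")
    return hdr.encode() + b"\n" + body

def sign(sig, body):
    return {**sig, "b": hmac.new(KEY, HASHES[sig["a"]](canon(sig, body)), "sha256").hexdigest()}

def verify(sig, body):
    want = hmac.new(KEY, HASHES[sig["a"]](canon(sig, body)), "sha256").hexdigest()
    return hmac.compare_digest(want, sig["b"])

def accept_with_upgrade_tag(sigs, body):
    # The scheme under discussion: a verifying signature is accepted, except that one
    # carrying U=<alg> also demands a verifying signature made with that algorithm.
    ok = {s["a"] for s in sigs if verify(s, body)}
    return any(s["a"] in ok and s.get("U", s["a"]) in ok for s in sigs)

def accept_trusted_algs_only(sigs, body, trusted=("strong",)):
    # Assumed alternative: the verifier chooses which algorithms count and ignores the marker.
    return any(s["a"] in trusted and verify(s, body) for s in sigs)

def downgrade(body, weak_sig):
    # Models the objection: drop U= and the strong signature, then find a body that collides
    # under the weak hash so the signer's existing b= still verifies (feasible only because
    # the toy hash is 16 bits wide; it stands in for a collision attack on a broken hash).
    target = HASHES["weak"](canon(weak_sig, body))
    stripped = {"a": weak_sig["a"], "b": weak_sig["b"]}
    for n in range(1 << 20):
        forged = body + f"X-Pad: {n}\n".encode()
        if HASHES["weak"](canon(stripped, forged)) == target:
            return forged, [stripped]
    raise RuntimeError("no collision found in the search budget")

def model():
    # (original accepted, downgraded accepted under the U= scheme, downgraded accepted trusted-only)
    body = b"Pay 10 to Alice\n"
    weak, strong = sign({"a": "weak", "U": "strong"}, body), sign({"a": "strong"}, body)
    fbody, fsigs = downgrade(body, weak)
    return (accept_with_upgrade_tag([weak, strong], body),
            accept_with_upgrade_tag(fsigs, fbody), accept_trusted_algs_only(fsigs, fbody))
```

The marker is only as strong as the signature that carries it, so a verifier cannot learn from a weak-only message that a stronger signature was ever offered.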


_______________________________________________
NOTE WELL: This list operates according to http://dkim.org/ietf-list-rules.html
