ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-dkim] Re: 1368 straw-poll :

2007-02-26 10:41:21
from [Mark Delany] [Permanent Link] 
Michael Thomas wrote:
been deprecated. To permit a graceful transition, both the deprecated algorithm (whatever that might be) and some shiny new algorithm must now be included with the message. Once your verifier adopts the shiny 

[ Two valid signatures in the message ]
Wasn't this always the transition plan? The only crucial point is that the Selector associated with the "weaker" signature has to tell the verifier to expect the presence of "stronger" signature.
If the verifier doesn't understand the "stronger/newer" signature or can't find it, then it has a risk decision to make about the weaker verification. Selector-embedded SSP could give guidance to local policy here. 



At least I can see the potential issue here.


With the solution or the problem?


Mark.

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Re: 1368 straw-poll, Mark Delany
Next by Date:  [ietf-dkim] Re: 1368 straw-poll, Paul Hoffman
Previous by Thread:  Re: 1368 straw-poll : (was: Re: [ietf-dkim] Deployment Non-Scenario 7: Cryptographic Upgrade and Downgrade Attacks), Michael Thomas
Next by Thread:  Re: 1368 straw-poll : (was: Re: [ietf-dkim] Deployment Non-Scenario 7: Cryptographic Upgrade and Downgrade Attacks), John R Levine
Indexes:  [Date] [Thread] [Top] [All Lists]