ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Re: 1368 straw-poll

2007-02-26 11:58:56


Paul Hoffman wrote:
At 10:10 AM -0800 2/26/07, Dave Crocker wrote:
Paul Hoffman wrote:
At 8:48 AM -0800 2/26/07, Dave Crocker wrote:
The proposed mechanism incurs an additional lookup for every signed message.

You keep saying this without justifying it. Others have shown it to be wrong. Please stop repeating it or support your statement.

Actually, they haven't.

Well, at least I have. If a recipient gets a message with a valid signature, they never need to look up an SSP record. That refutes your statement pretty fully, doesn't it?

I have no idea.

The discussion is about algorithm transitions. Those aren't interesting things to talk about unless there is a signature. My understanding of the current topic is that it pertains to an SSP query that is only worth making when there is a signature.

Some of the discussion seems to be about having a signature that is valid but not "strong enough". That might not be a scenario that you have in mind, but it sure seems to be one that is being discussed.

If there are no valid signatures, then I do not see how it is relevant to talk about algorithm agility.

All of which suggests that we have a few people who each feel they have a clear and solid understanding of the topic, but not necessarily that they share the same clear and solid understanding.

It further leaves out poor folk like me, whose only clear and solid understanding is that I have no clear or solid understanding of the problem that is claimed to be solved or why the problem is worth solving.


Were DKIM intended to have signatures that lasted years, that might make sense. Since it isn't, I am pretty sure it doesn't.

And you would be wrong. If I am signing a message with both A and B, it doesn't matter how long the key for each signature lasts; the transition lasts for as long as I am using both algorithms. This is no different than any other security protocol.

It does if the entire premise for a signature is that it is very short-lived, because it means that a transition can -- and should -- be targeted also to be short-lived for a given signer.

That is, indeed, very different from other security protocols.

d/

--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html