ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM Key Size Constraints

2015-05-12 08:05:13
On May 12, 2015 7:28:25 AM EDT, Hector Santos <hsantos(_at_)isdg(_dot_)net> 
wrote:
-1

Please stop! No more DKIM code changes ok?  The IETF just made it a
STD.

Maybe we should remove the STD status first, move it back to proposed 
standard or experimental if this and other changes are coming.

If signers want 1024 bits, then can do so ready.

True, but irrelevant.

The change that's needed is to remove the requirement for receivers to verify 
signatures with keys to small to be secure. 

Any cryptographic protocol will need periodic adjustment to remain secure.  I'm 
surprised you are surprised. 

Presumably your implementation already checks for the current minimum key size 
of 512 bits. If changing that constant to 1024 is too hard, I think you're 
doing it wrong. 

Scott K

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html