ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM Key Size Constraints

2015-05-12 08:19:25
I am not concern about us (Santronics) and our DKIM implementation 
with 1024 bit support on both ends per STD.  I am concern about 
everyone else.   In other words, I am not about to begin invalidating, 
rejecting perfectly signed DKIM 512 bit hashed messages purely based 
on your revised MUST.   That is when the engineering begins to go 
wrong.  If I would even consider it, it would be made optional anyway:

     [_] Enforce 1024 bit hashing

If you are going to proposes changes, then think about all the other 
considerations already being done to revise, "enhanced" DKIM.    I am 
tired of all the "patch work" and lack of engineering insights 
requiring later "adjustments."  Perhaps it was premature to make DKIM 
a STD.

All you can at best is a "SHOULD" and I am pretty sure that is how the 
more STD closer DKIM implementations currently does it at this point 
in time.   In other words, most likely the default settings are 1024 
bits.  Maybe you can write an informational I-D recommending 
implementations to change their defaults and/or even perhaps suggest, 
not mandate they they remove the option.

By why?   We don't have this theoretical exploit in action and its 
easily addressable with all the current DKIM features and options.



On 5/12/2015 8:56 AM, Scott Kitterman wrote:
On May 12, 2015 7:28:25 AM EDT, Hector Santos <hsantos(_at_)isdg(_dot_)net> 
wrote:
-1

Please stop! No more DKIM code changes ok?  The IETF just made it a
STD.

Maybe we should remove the STD status first, move it back to proposed
standard or experimental if this and other changes are coming.

If signers want 1024 bits, then can do so ready.

True, but irrelevant.

The change that's needed is to remove the requirement for receivers to verify 
signatures with keys to small to be secure.

Any cryptographic protocol will need periodic adjustment to remain secure.  
I'm surprised you are surprised.

Presumably your implementation already checks for the current minimum key 
size of 512 bits. If changing that constant to 1024 is too hard, I think 
you're doing it wrong.

Scott K

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html



-- 
HLS


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html