On 5/12/2015 10:25 PM, Roland Turner wrote:
On 05/13/2015 12:27 PM, Murray S. Kucherawy wrote:
https://sourceforge.net/p/opendkim/bugs/221/) appears to agree with
what I'm saying above. When talking about unacceptably small keys,
the "unacceptable" decision is not made by the protocol, but by the
receiver.
+1
(I haven't been tracking this thread in detail, so please forgive my
missing some nuance.)
I think the issue separates between 'interoperability' vs. 'usage
policy'. The former is the protocol. The latter is either
Internet-wide BCP or local policy, depending upon strong community
consensus.
I did a quick search for (rfc ietf minimum key size cryptograph) and
found a series of RFCs that do indeed talk about minimum key size. All
of them are Informational, rather than standards track or BCP.
As a non-crypto-geek, the solid constant I've observed is that crypto
algorithm and key size choices are highly malleable: they change over
time. So a protocol needs some agility with respect to these and MUST
NOT be locked in too tightly.
DKIM is algorithm-agile. It needs to also be key-length-agile.
If there is strong community consensus on the choices of algorithm and
key-length, it needs to be asserted as an operational convention, not in
the base protocol
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html