ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Smaller keys/Bigger privacy (was: Re: DKIM Key Sizes)

2016-10-28 00:39:20
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


On Oct 27, 2016, at 9:55 PM, Dave Crocker <dcrocker(_at_)gmail(_dot_)com> 
wrote:

On 10/28/2016 12:29 AM, Jon Callas wrote:
The full discussion is pretty nuanced, and I think the relevant part here is 
that if an administrative domain wants to protect the privacy of its users, 
it should be using *smaller* DKIM keys, not larger ones. I think I could 
convincingly argue that a privacy-friendly email provider is better off 
using 512 bit keys (where there's a chance of spam forgery) than 4K keys 
(where there's a chance of ruining the privacy of the customers).


Not just nuanced, but also counter-intuitive (at least to me)

It would be well worth having a stable pointer to a discussion that lays this 
out carefully and compellingly.

Okay. How should I do that?

        Jon


-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.3.0 (Build 9060)
Charset: us-ascii

wsBVAwUBWBLjn/aTaG6hZJn9AQiRTwgAtcyKL7oHn03SrIJsUfIcMh44q3zfFxNw
ML1svmCG44ZcLSg5EC5CsEJzrwlr67dWggSEIn7G4uge9eHNZ3nfIBP6cO1Zphmm
BRDI6m7KsJJt3DHEhqWGqSmHxQqaUCVV9+JZg8Z79BYLdKPq1wmYpv6Qsbc0kcsN
uXUUIdUBAnOGnb33r9NiwIGWEeEYDTE6hNq/aoZ8EyxcrWZrtza4i2kyT0uxb393
hmBJfPaQqjphRSYGOUnqp3RM5nwqD9EGg0Ffo8SbtHlfb0u++rAbe/q9q0Yf9ov1
gQnRMkq3b8tXcV/44MQA/XhpI5EVZRHVn5EMLS0YQ3v3f1Q9kSKROA==
=XgrP
-----END PGP SIGNATURE-----

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>