ietf-dkim
[Top] [All Lists]

[ietf-dkim] WG Review: DKIM Crypto Update (dcrup)

2017-04-14 11:59:02
A new IETF WG has been proposed in the Applications and Real-Time Area.
The IESG has not made any determination yet. The following draft charter
was submitted, and is provided for informational purposes only. Please
send your comments to the IESG mailing list (iesg(_at_)ietf(_dot_)org) by
2017-04-24.

DKIM Crypto Update (dcrup)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  TBD

Assigned Area Director:
  Alexey Melnikov <aamelnikov(_at_)fastmail(_dot_)fm>

Applications and Real-Time Area Directors:
  Adam Roach <adam(_at_)nostrum(_dot_)com>
  Ben Campbell <ben(_at_)nostrum(_dot_)com>
  Alexey Melnikov <aamelnikov(_at_)fastmail(_dot_)fm>

Technical advisors:
  Eric Rescorla <ekr(_at_)rtfm(_dot_)com>
 
Mailing list:
  Address: ietf-dkim(_at_)mipassoc(_dot_)org
  To subscribe: http://mipassoc.org/mailman/listinfo/ietf-dkim
  Archive: http://mipassoc.org/pipermail/ietf-dkim/

Group page: https://datatracker.ietf.org/group/dcrup/

Charter: https://datatracker.ietf.org/doc/charter-ietf-dcrup/

The DKIM Crypto Update (DCRUP) Working Group is chartered to update
DKIM to handle more modern cryptographic algorithms and key sizes. DKIM
(RFC 6376) signatures include a tag that identifies the hash algorithm
and signing algorithm used in the signature. The only current algorithm is
RSA, with advice that signing keys should be between 1024 and 2048 bits.
While 1024 bit signatures are common, longer signatures are not because bugs
in DNS provisioning software prevent publishing longer keys as DNS TXT
records.

DCRUP will consider three types of changes to DKIM: additional signing
algorithms such as those based on elliptic curves, changes to key
strength advice and requirements, and new public key forms, such as
putting the public key in the signature and a hash of the key in the
DNS to bypass bugs in DNS provisioning software that prevent publishing
longer keys as DNS TXT records.  It will limit itself to existing
implemented algorithms and key forms. Other changes to DKIM, such as new
message canonicalization schemes, are out of scope.  The WG will as far
as possible avoid changes incompatible with deployed DKIM signers and
verifiers.

Milestones:


_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>
  • [ietf-dkim] WG Review: DKIM Crypto Update (dcrup), The IESG <=