[ietf-dkim] 1193 considered harmful
dotis at mail-abuse.org
Wed Mar 22 09:48:27 PST 2006
On Mar 22, 2006, at 11:03 AM, Dave Crocker wrote:
>> In fact, as I recall at the Cisco DKIM summit, the recommendation for
>> those wanting to experiment with implementations now was to use
>> allman-01 as the draft was expected to be in a state of flux and have
>> a number of further refinements over coming versions. In short,
>> everyone was expecting that it would change as the WG moved focus
>> threats to base.
> There is a difference between noting that the IETF specification is
> in flux, versus predicting that the IETF will produce a final
> specification that breaks the ability to have a signer who uses the
> pre-ietf spec be validated by an implementor of the post-ietf draft.
> So far, we have not modified DKIM to cause this breakage. The
> current proposal will cause this breakage.
> We should not break the pre-ietf to post-ietf interoperability
> without extremely good cause.
It should be noted that by including the hash parameter within the
signature header, this provides the same level of change as that of a
SHA-1 modification. This parameter indicates a new sequence is being
used to develop the hash in addition to a new hash algorithm. While
an older implementation will not be able to understand this
modification, neither will it understand the SHA-256. The newer
implementation, in an effort to remain backward compatible, could key
upon the hash parameter existing or not within the header to know
which sequence of hashing was used. I am not necessarily
recommending this strategy, but it is one that could be use to retain
the same level of breakage as was caused by the SHA change.
More information about the ietf-dkim