[ietf-dkim] Proposal for specifying syntax and semantics for
multiple signatures
Eric Rescorla
ekr at raman.networkresonance.com
Tue Apr 4 14:06:10 PDT 2006
Dave Crocker <dhc at dcrocker.net> writes:
> Eric, et al,
>
> Eric Rescorla wrote:
> > If we have two algorithms, Old and New, then there are three
> > kinds of signer and receiver, respectively: Old, New, and Both.
> > This gives us a 3-3 interop matrix, with four possibilities at
> > each cell:
>
>
> In the interest of exploring a simplification, let me re-raise a
> perspective that has been expressed by others:
>
> It is important to be able to have multiple signatures, for transition
> issues, to make sure that the signer and validator share at least one,
> common algorithms. That is the *only* concern about multiple
> signatures.
>
> One can take the position that question of "strength" is almost
> completely irrelevant.
>
> Here's why:
>
> The validator either considers a signature "strong" enough or they
> don't. That choice is the validator's and it does not matter in the
> least whether the signer agrees.
>
> If someone does a downplay attack, the validator might be looking at a
> signature that is "weaker" but it won't matter. Either the validator
> will consider it strong enough or they won't.
>
>
> So, my question is: what is wrong with this view of the issue?
In this context, I think nothing.
-Ekr
More information about the ietf-dkim
mailing list