1368 straw-poll : (was: Re: [ietf-dkim] Deployment Non-Scenario
7: Cryptographic Upgrade and Downgrade Attacks)
Douglas Otis
dotis at mail-abuse.org
Mon Feb 26 06:13:28 PST 2007
On Feb 26, 2007, at 3:30 AM, Stephen Farrell wrote:
> Option 1: If we agree with Charles (& Phill I guess) that
> looking up SSP and then passing on the only-signed-with-B
> message will be common practice then there seems to be a
> sufficient reason to include the "I sign all with A"
> statement or equivalent in SSP.
Unless John, Jon, Dave, and Mike can assure the WG that current
algorithms will always be sufficiently strong, and that a transition
sufficiently swift, then a means for the _signer_ to apply different
algorithms where one is "deprecated" should be possible. Philip's
point that this represents a type of signer's policy is valid.
However, the deprecation assertion (use Y instead of X) should be
possible within in either the key or signature to avoid unnecessary
overhead. Nothing needs to change in terms of these current
structures, however verifiers should be able to recognize when an
algorithm has been deprecated by the signer.
Option 1.
-Doug
More information about the ietf-dkim
mailing list