[ietf-dkim] Deployment Scenario 7: Cryptographic Upgrade and Downgrade Attacks
Arvel Hathcock
arvel.hathcock at altn.com
Wed Feb 28 16:31:05 PST 2007
Mike, this is what I was trying to say in a previous post. You are
exactly right. We have already faced this situation and it has proven
itself in the field to work just fine.
Arvel
Michael Thomas wrote:
> I'm still not seeing what the problem is with things as they stand now.
> We've already been through a transition with sha1 and sha256. The
> solution was to make both signatures in the transition and set the
> h=sha1|sha256; in the selector. All you do when you're ready to
> completely transition is only sign with the new algorithm and set
> h=sha256; in the selector. This is exactly the kind of case we wanted
> to get right for -base and as far as I can tell it worked exactly as
> intended.
>
> I'm honestly not trying to be obtuse here.
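
The transition described in the quoted message, as an added example that is not part of the original thread or of any DKIM implementation: a verifier-side check that compares each signature's a= hash with the selector's h= tag. The domain, selector name and key/signature values are constructed placeholders, the parser accepts the `|` separator as written in the post as well as the colon-separated list defined in RFC 4871, and no cryptographic verification is performed.

```python
import re

def parse_tags(value):
    """Parse a DKIM tag=value list (key record or DKIM-Signature) into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def allowed_hashes(key_record):
    """Hashes the selector permits, or None when h= is absent (all allowed)."""
    h = parse_tags(key_record).get("h")
    if h is None:
        return None
    return {a.lower() for a in re.split(r"[:|]", h) if a}

def acceptable(signature_header, key_record):
    """True if the signature's a= hash is permitted by the selector's h= tag."""
    algo = parse_tags(signature_header).get("a", "")
    _, _, hash_name = algo.lower().partition("-")  # "rsa-sha256" -> "sha256"
    permitted = allowed_hashes(key_record)
    return bool(hash_name) and (permitted is None or hash_name in permitted)

def triage(signature_headers, key_record):
    """Split signatures into those a verifier may evaluate and those it ignores."""
    ok = [s for s in signature_headers if acceptable(s, key_record)]
    ignored = [s for s in signature_headers if s not in ok]
    return ok, ignored

# Constructed sample data: one message carrying both signatures.
SIG_SHA1 = "v=1; a=rsa-sha1; d=example.com; s=sel1; bh=PLACEHOLDER; b=PLACEHOLDER"
SIG_SHA256 = "v=1; a=rsa-sha256; d=example.com; s=sel1; bh=PLACEHOLDER; b=PLACEHOLDER"
MESSAGE_SIGS = [SIG_SHA1, SIG_SHA256]

TRANSITION_KEY = "v=DKIM1; h=sha1:sha256; p=PLACEHOLDER"  # during the transition
FINAL_KEY = "v=DKIM1; h=sha256; p=PLACEHOLDER"            # after the transition
POST_FORM_KEY = "v=DKIM1; h=sha1|sha256; p=PLACEHOLDER"   # separator as in the post

if __name__ == "__main__":
    for label, key in (("transition", TRANSITION_KEY), ("final", FINAL_KEY)):
        ok, ignored = triage(MESSAGE_SIGS, key)
        print(label, "evaluate:", [parse_tags(s)["a"] for s in ok],
              "ignore:", [parse_tags(s)["a"] for s in ignored])
```

Once the selector lists only sha256, a replayed or stripped-down message carrying just the rsa-sha1 signature has nothing left that the verifier will evaluate, which is the downgrade protection the selector's h= tag provides.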