[mail-vet-discuss] Proposed "header.b" tag for DKIM signatures
Victor.Duchovni at morganstanley.com
Wed Mar 24 16:44:37 PDT 2010
On Wed, Mar 24, 2010 at 02:37:43PM -0700, Murray S. Kucherawy wrote:
> > > first several characters of the actual digital signature, which is
> > > pretty much guaranteed to be unique among signatures present. This will
> > > allow unambiguous matching of signatures with results.
> > I sense some conflict between "pretty much guaranteed" and
> > "unambiguous".
> > How many signature bytes are you proposing to use?
> The spec says a minimum of eight, but enough to be able to be
> unambiguous. A few security types around the IETF I've polled about
> this seem to think that's adequate.
> Do you have another suggestion?
Well, since birthday attacks are not a concern here, 64 bits of signature
should have very low collision probability, provided the bits are not
primarily ASN.1 scaffolding, rather than the actual signature. I would
look for ~96 bits, and look into the question of how many of those first
few bytes are unpredictable signature vs. fixed ASN.1 glue.
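
The prefix-length question raised in this thread, as an added example (not code from the draft or from either poster): pick the shortest `header.b` prefix that separates every signature on a message, measure how many leading characters the signatures share, and bound the chance of a prefix clash. The function names and the sample `b=` values are constructed for illustration, and the bound assumes the leading signature bits are uniformly random.

```python
import math
import os

MIN_CHARS = 8        # minimum prefix length quoted in the thread
BITS_PER_CHAR = 6    # each base64 character of b= carries 6 bits

def clean_b(value):
    """Remove folding whitespace, which may appear inside a b= value."""
    return "".join(value.split())

def shortest_unambiguous_prefix(b_values, minimum=MIN_CHARS):
    """Smallest length >= minimum at which all b= prefixes differ."""
    sigs = [clean_b(v) for v in b_values]
    if len(set(sigs)) != len(sigs):
        raise ValueError("identical signatures cannot be told apart")
    for n in range(minimum, max(map(len, sigs)) + 1):
        if len({s[:n] for s in sigs}) == len(sigs):
            return n
    return minimum  # every signature is shorter than the minimum

def shared_leading_chars(b_values):
    """Length of the prefix common to all signatures (fixed, non-random part)."""
    return len(os.path.commonprefix([clean_b(v) for v in b_values]))

def chars_for_bits(bits):
    """base64 characters needed to carry at least `bits` bits."""
    return math.ceil(bits / BITS_PER_CHAR)

def collision_bound(num_sigs, n_chars):
    """Union bound on any two of num_sigs prefixes matching, assuming
    the leading signature bits are uniformly random (an assumption)."""
    return math.comb(num_sigs, 2) / 2 ** (BITS_PER_CHAR * n_chars)

# Constructed b= values (not real signatures); A and B share 9 characters.
SIG_A = "AbCdEfGhI1kLmNoPqRsTuVwXyZ0123456789+/AbCdEf=="
SIG_B = "AbCdEfGhI2zYxWvU\r\n\t tSrQpOnMlKjIhGfEdCbA9876543210=="
SIG_C = "Zz9yX8wV7uT6sR5qP4oN3mL2kJ1iH0gFeDcBa+/0123456=="

if __name__ == "__main__":
    sigs = [SIG_A, SIG_B, SIG_C]
    n = shortest_unambiguous_prefix(sigs)
    for s in sigs:
        print(f"header.b={clean_b(s)[:n]}")
    print("chars for 64 / 96 bits:", chars_for_bits(64), chars_for_bits(96))
    print("collision bound at 8 chars:", collision_bound(len(sigs), 8))
```

Running `shared_leading_chars` over a corpus of real signatures from one signer is a direct way to check how many of the leading characters are fixed rather than unpredictable.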