On January 22, 2017 3:30:14 PM EST, Kurt Andersen <[email protected]> wrote: >On Sat, Jan 21, 2017 at 4:39 PM, Peter Goldstein <[email protected]> >wrote: > >> >> . . . ARC . . . inherits . . . from the DKIM RFC. The DKIM RFC >explicitly >> requires verifiers to validate signatures with bit sizes ranging from >512 >> bits to 2048 bits. >> >> There is a separate effort going on in the context of the UTA working >group to address technologically obsolete encryption strength >recommendations that have appeared over time in a variety of different >RFCs. I don't think that adding yet another independent reference is a >good >idea and I am strongly opposed to trying to torque the ARC requirements >to >be different from DKIM.
FYI, I did go review the UTA charter and anything DKIM related is out of scope for that working group. It's limited to TLS. Scott K >If Scott is planning to make dkimpy non-conformant to the DKIM spec, I >think that is regrettable, but I don't see that making the problem >worse >with ARC "going its own way" helps anyone. > >--Kurt _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
