On Thu, Mar 16, 2017 at 5:23 PM, John Levine <[email protected]> wrote:
> In article <CAL0qLwZDCbP2tWAp6RH38jTdkZueH8WPTbwd6Kfjk6Y0csZEXg@mail.gmail.com> you write:
> >I'm not sure how you could go about registering key lengths. What do you
> >have in mind?
>
> Come to DISPATCH and learn all about it.

Oh, don't you worry. :-)

> The general point is that DKIM's key advice is kind of stale -- 512 bit
> keys are too short, 1024 keys are OK now, but within the likely lifetime
> of this spec we'll need longer keys. The obvious suggestion is 2048 except
> they don't fit in a single TXT record string, and way too much DNS web
> crudware(tm) doesn't handle multiple strings.
>
> Oh, and elliptic curve.

Sure; the existing registries are for hash algorithms and key types. Obviously more of those could be added, or we could deprecate some entries. And I could see an "Updates" document changing what DKIM says about supported or recommended key sizes, or amendments to these registries. But Kurt said something about creating an IANA registry of supported key sizes, and I don't know what that would look like. I'll find out in Chicago, I guess.

-MSK
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
