On 1/7/25 6:47 PM, John Levine wrote:
It appears that Murray S. Kucherawy <[email protected]> said:
I'm on the fence here. Do we need to say explicitly in a charter that the
best contemporary practices in terms of cryptography have to be used in the
development of a new thing? If so, it seems like every charter would need
to be explicit about it.
No, but we can make migrating from one cipher suite to another easier than it is
noe. Since you can only have one key per DNS key record, if you want to do both
RSA and ECC signing, you need two different signatures with two different
selectors that fetch two different key records.
In DKIM2 we should be able to have different cipher types with the same
selector,
maybe with two TXT records or maybe with two keys in the same record, and you
should be able to put mutiple signatures in one DKIM header, with the verifier
checking whichever one(s) it knows about.
This is too many words but I think we can say "improved cipher agility" or
something like that.
This is the reason I brought this up. It's trivial to define the way to
sign/verify with ECC, for example, but transitions are hard and need to
be thought about. Whether this is the right time, I don't know, but if
this ends up being a 5 year ordeal or more (per typical), it probably
will be, especially with as open ended as the proposed charter is in its
current form.
Mike
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
