Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Gellner, Oliver via mailop
> On 21.12.2023 at 13:28, Andrew C Aitchison via mailop wrote: > > On Thu, 21 Dec 2023, John R Levine via mailop wrote: >> I'm sure that Google has code somewhere that can validate ED25519 >> signatures. But that does not mean that it would be a good idea for them to >> use that code in pr

Re: [mailop] DKIM validity period

2023-12-21 Thread Gellner, Oliver via mailop
On 21.12.2023 at 12:44, Slavko via mailop wrote: On 20. 12. at 22:38, Gellner, Oliver via mailop wrote: I’m not 100% sure what you mean by „signed forever“, but to change the topic of this thread once more (and still stay on topic for this mailing list): While the DKIM signature of an e

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Alessandro Vesely via mailop
My point is not cryptographic merit. FWIW, any DKIM algorithm is way more secure than what we need to authenticate emails, even RSA-SHA1 with 700bytes keys (oh well, 512b keys were broken as a proof of concept some time ago.) As Oliver pointed out, all those algorithms are more than enough goo

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread John R Levine via mailop
On Thu, 21 Dec 2023, Mike Hillyer wrote: John Said: I'm sure that Google has code somewhere that can validate ED25519 signatures. But that does not mean that it would be a good idea for them to use that code in production today and try to update their reputation systems to deal with the dual s

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Slavko via mailop
On 21 December 2023 15:05:08 UTC, Alessandro Vesely via mailop wrote: >It seems only (few) small servers dare implementing ed25519. > >I don't understand why. Do you really not understand that, or are you afraid of what is coming to mind? AFAIK: + collaboration of NSA & RSA (

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Mike Hillyer via mailop
Oh I was only speaking to the concept of handling multiple signatures, not the processing of a new crypto algorithm. From: Alessandro Vesely Sent: Thursday, December 21, 2023 10:05 AM To: Mike Hillyer; mailop@mailop.org; John R Levine Subject: Re: [mailop

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Alessandro Vesely via mailop
On Thu 21/Dec/2023 14:53:55 +0100 Mike Hillyer via mailop wrote: John Said: I'm sure that Google has code somewhere that can validate ED25519 signatures. But that does not mean that it would be a good idea for them to use that code in production today and try to update their reputation syste

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Mike Hillyer via mailop
John Said: > I'm sure that Google has code somewhere that can validate ED25519 > signatures. But that does not mean that it would be a good idea for them > to use that code in production today and try to update their reputation > systems to deal with the dual signing that implies. With the numbe

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Andrew C Aitchison via mailop
On Thu, 21 Dec 2023, John R Levine via mailop wrote: On Thu 21/Dec/2023 10:37:52 +0100 John Levine via mailop wrote: Yes, your code should handle them. No, that doesn't mean you should sign with them. Yup. The question was why Gmail doesn't /verify/ ed25519 signatures. Answering that they

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Stuart Henderson via mailop
On 2023/12/21 11:44, John R Levine via mailop wrote: > > On Thu 21/Dec/2023 10:37:52 +0100 John Levine via mailop wrote: > > > Yes, your code should handle them. No, that doesn't mean you should > > > sign with them. > > > > Yup. The question was why Gmail doesn't /verify/ ed25519 signatures. >

Re: [mailop] DKIM validity period

2023-12-21 Thread Slavko via mailop
On 20. 12. at 22:38, Gellner, Oliver via mailop wrote: I’m not 100% sure what you mean by „signed forever“, but to change the topic of this thread once more (and still stay on topic for this mailing list): While the DKIM signature of an email will of course exist forever, it can lose its

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Kai Bojens via mailop
On 21.12.23 at 10:36, John Levine via mailop wrote: They're a little faster to create and check than RSA, but the difference isn't enough to matter. They are also very small in comparison to RSA keys. IMHO that's a great argument when you distribute public keys via DNS.

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Benny Pedersen via mailop
John R Levine via mailop wrote on 2023-12-21 11:44: As I've said several times, unless there is a cryptographic problem with RSA, there is no reason to *use* any other kind of signature. analogy to no need to have ipv6 when ipv4 works :)

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread John R Levine via mailop
On Thu 21/Dec/2023 10:37:52 +0100 John Levine via mailop wrote: Yes, your code should handle them. No, that doesn't mean you should sign with them. Yup. The question was why Gmail doesn't /verify/ ed25519 signatures. Answering that they do so because it's not necessary to use them doesn't s

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread Alessandro Vesely via mailop
On Thu 21/Dec/2023 10:37:52 +0100 John Levine via mailop wrote: It appears that Alessandro Vesely via mailop said: RFC 8463 still reads out: Signers SHOULD implement and verifiers MUST implement the Ed25519-SHA256 algorithm. Implement is not a synonym for use. Yes, your code should ha

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread John Levine via mailop
It appears that Alessandro Vesely via mailop said: >RFC 8463 still reads out: > >Signers SHOULD implement and verifiers MUST implement the >Ed25519-SHA256 algorithm. Implement is not a synonym for use. Yes, your code should handle them. No, that doesn't mean you should sign with them.

Re: [mailop] ECDSA DKIM validation?

2023-12-21 Thread John Levine via mailop
It appears that Gellner, Oliver via mailop said: >> Won't any Google insider shed some light on why a generally technically >> sound company lags like that? > >I‘m not an insider but I could imagine that DKIM signatures which use EdDSA >and ECDSA are solutions to a problem that has >not yet been