On Sun, Jan 22, 2017 at 2:25 PM, Peter Goldstein <pe...@valimail.com> wrote:
> Kurt, > > I agree that the best approach would be to update the DKIM spec to reflect > modern cryptographic realities. > I'd like to come up with something better than updating DKIM every time there's new advice on key sizes, etc. Doing one update that points to the best current advice, and then letting that other thing get updated whenever, would be better. Otherwise at some point we'll need to update DKIM and ARC, and then DKIM, ARC, and the next thing, etc. etc. But is there such a reference? > I actually broached this topic on the IETF DKIM mailing list a couple of > months ago. The thread quickly evolved into a discussion about using even > shorter key sizes (768 bit) to avoid the long term verifiability of emails, > and address associated privacy concerns. There did not seem to be a lot of > support for raising the bit size requirements. That said, perhaps others > would have more success. > I'd do an "updates" draft, but I'd like to resolve the above question first. > How would you suggest we drive a revision to RFC 6376 to address this > issue? > On ietf-dkim, not here. :-) -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
