On Tue 22/Jul/2025 22:37:44 +0200 Murray S. Kucherawy wrote:
On Mon, Jul 21, 2025 at 1:13 PM Alessandro Vesely <[email protected]> wrote:
That's right. Ed25519 signatures are often reported as an error rather than
ignored, which is a reason to stop them. Instead, the RFC could have stated
that signers MUST implement and verifiers MUST report the lack of the new
signature as an error. Senders jump through hoops to avoid errors in
aggregate reports.
Reporting an unknown key type as an error deviates from a MUST in RFC
6376. Shouldn't we seek to drive broken implementations into good behavior
rather than altering standards to accommodate them?
Correct, Section 3.3.4 states:
Other algorithms MAY be defined in the future. Verifiers MUST ignore
any signatures using algorithms that they do not implement.
However, Section 2.7.1 of RFC 8601, which is what the current draft refers to,
does not explicitly address the case of unknown algorithm. The wording seems
to suggest neutral, but policy and permerror might also look palatable.
We need to explain in detail what to do with a new algorithm if we anticipate
its widespread adoption will need to be rapid.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
