On Wed, 28 Feb 2007 18:00:03 -, Eric Allman <[EMAIL PROTECTED]>
wrote:
I'm tempted to say "well, duh." That's the reason why senders will
probably want to support both A and B for a fairly long period. But
there will always be some verifiers that do not upgrade, and at some
point t
the catastrophic failure.
> -Original Message-
> From: Eric Allman [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, February 28, 2007 4:29 PM
> To: Hallam-Baker, Phillip
> Cc: [EMAIL PROTECTED]; IETF DKIM WG
> Subject: RE: [ietf-dkim] Issue 1386 and downgrade attacks
>
he argument. The conclusion is also wrong.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dave Crocker
Sent: Wednesday, February 28, 2007 1:48 PM
To: Eric Allman
Cc: IETF DKIM WG
Subject: Re: [ietf-dkim] Issue 1386 and downgrade attacks
Eric Allman wrote:
>
ECTED] On Behalf Of Dave Crocker
> Sent: Wednesday, February 28, 2007 1:48 PM
> To: Eric Allman
> Cc: IETF DKIM WG
> Subject: Re: [ietf-dkim] Issue 1386 and downgrade attacks
>
>
>
> Eric Allman wrote:
> > [By the way, there was also some confusion about wheth
At 10:48 AM -0800 2/28/07, Dave Crocker wrote:
It's probably worth noting that a catastrophe with a deployed
algorithm, so that a rapid transition is required, has no precedent
in the large-scale, open Internet, and probably would take
considerably more effort and mechanism than anything we are
On Feb 28, 2007, at 10:00 AM, Eric Allman wrote:
--On February 26, 2007 4:23:47 PM -0800 Douglas Otis <[EMAIL PROTECTED]
abuse.org> wrote:
There are more aspects related to DKIM than just signature, hash,
and canonicalization algorithms. At this point, it would be
difficult to predict
Eric Allman wrote:
[By the way, there was also some confusion about whether transitions are
O(years) or O(days). Changing selector records is O(days), whether or
not those selectors change algorithms, but changing algorithms requires
software updates and hence is O(years).]
Important disti
--On February 26, 2007 4:23:47 PM -0800 Douglas Otis
<[EMAIL PROTECTED]> wrote:
On Feb 26, 2007, at 2:31 PM, Eric Allman wrote:
Folks, I've been trying to understand the issues here, and I just
can't seem to wrap my head around it, which means that either (a)
there isn't actually an issue,
(For some reason Charles didn't copy the group on his reply to my
message, so I've included the entire thing even though I only have
one comment.
--On February 27, 2007 1:16:05 PM + Charles Lindsey
<[EMAIL PROTECTED]> wrote:
On Mon, 26 Feb 2007 22:31:15 -, Eric Allman
<[EMAIL PROTE
Eric,
I agree with your analysis, which only leads to the question of whether
or not Assumption 2 is reasonable. I think we have operational
experience that says that it is, but even if it were not, if an
algorithm is broken and people care they will put pressure on their
vendors to provide
On Feb 26, 2007, at 2:31 PM, Eric Allman wrote:
Folks, I've been trying to understand the issues here, and I just
can't seem to wrap my head around it, which means that either (a)
there isn't actually an issue, and (b) there is and I just don't
get it. Let me try to argue for why (a) look
Folks, I've been trying to understand the issues here, and I just
can't seem to wrap my head around it, which means that either (a)
there isn't actually an issue, and (b) there is and I just don't get
it. Let me try to argue for why (a) looks to be true to me.
There are three algorithms that
12 matches
Mail list logo