Skip to main content

Cryptographic Algorithm and Key Usage Update to DomainKeys Identified Mail (DKIM)
draft-ietf-dcrup-dkim-usage-06

Yes

(Alexey Melnikov)
(Spencer Dawkins)

No Objection

Warren Kumari
(Alia Atlas)
(Alvaro Retana)
(Benoît Claise)
(Deborah Brungard)
(Eric Rescorla)
(Suresh Krishnan)
(Terry Manderson)

Note: This ballot was opened for revision 04 and is now closed.

Warren Kumari
No Objection
Alexey Melnikov Former IESG member
Yes
Yes (for -04) Unknown

                            
Ben Campbell Former IESG member
Yes
Yes (2017-09-27 for -04) Unknown
-4: "Verifiers MUST verify using rsa-sha256."

Should this say "...MUST be able to..."? That is, am I correct in assuming that a verifier will use the scheme specified by the signer if it is capable of doing so, and that it doesn't make sense to try to verify with rsa-sha256 if the signer used something else?
Kathleen Moriarty Former IESG member
Yes
Yes (2017-09-27 for -04) Unknown
Thanks for your response to the SecDir review and addressing the problem in another draft.
https://datatracker.ietf.org/doc/review-ietf-dcrup-dkim-usage-04-secdir-lc-nystrom-2017-09-20/
Spencer Dawkins Former IESG member
Yes
Yes (for -04) Unknown

                            
Adam Roach Former IESG member
No Objection
No Objection (2017-09-26 for -04) Unknown
I would have expected section 4 to be explicit in the interaction between the requirement that "rsa-sha1 MUST NOT be used for signing or verifying" and the Authentication-Results header defined in RFC 7001. In particular, I would have expected to see guidance here whether receipt of a message using sha1 should be coded as "neutral" or "policy": as an implementor, I would be unsure which one to use.
Alia Atlas Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Alvaro Retana Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Benoît Claise Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Deborah Brungard Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Eric Rescorla Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Mirja Kühlewind Former IESG member
No Objection
No Objection (2017-09-26 for -04) Unknown
Please check and address the feedback provided by the gen-art review (Thanks Jari!). My understanding is that the normative language was discussed in detail for this draft but Jari brought up a point on forward-comparability with future algorithms regarding verification. I would also be interested to at least see a reply to that!
Suresh Krishnan Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Terry Manderson Former IESG member
No Objection
No Objection (for -04) Unknown