Cryptographic Algorithm and Key Usage Update to DKIM
draft-ietf-dcrup-dkim-usage-04

Summary: Has enough positions to pass.

Ben Campbell Yes

Comment (2017-09-27)
-4: "Verifiers MUST verify using rsa-sha256."

Should this say "...MUST be able to..."? That is, am I correct in assuming that a verifier will use the scheme specified by the signer if it is capable of doing so, and that it doesn't make sense to try to verify with rsa-sha256 if the signer used something else?

Spencer Dawkins Yes

Alexey Melnikov Yes

Kathleen Moriarty Yes

Comment (2017-09-27)
Thanks for your response to the SecDir review and addressing the problem in another draft.
https://datatracker.ietf.org/doc/review-ietf-dcrup-dkim-usage-04-secdir-lc-nystrom-2017-09-20/

Alia Atlas No Objection

Deborah Brungard No Objection

Benoit Claise No Objection

Suresh Krishnan No Objection

Warren Kumari No Objection

Mirja Kühlewind No Objection

Comment (2017-09-26)
Please check and address the feedback provided by the gen-art review (Thanks Jari!). My understanding is that the normative language was discussed in detail for this draft but Jari brought up a point on forward-compatibility with future algorithms regarding verification. I would also be interested to at least see a reply to that!

Terry Manderson No Objection

Eric Rescorla No Objection

Alvaro Retana No Objection

Adam Roach No Objection

Comment (2017-09-26)
I would have expected section 4 to be explicit in the interaction between the requirement that "rsa-sha1 MUST NOT be used for signing or verifying" and the Authentication-Results header defined in RFC 7001. In particular, I would have expected to see guidance here whether receipt of a message using sha1 should be coded as "neutral" or "policy": as an implementor, I would be unsure which one to use.
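An added illustration of the verifier behaviour the comments above ask about (Ben Campbell on which algorithm a verifier uses, the gen-art point on future algorithms, Adam Roach on how a refused rsa-sha1 signature is reported). This is example code written for this page, not text or code from the draft or from any DKIM implementation. It assumes "simple" body canonicalization, a constructed one-line message, an algorithm name this verifier does not implement (ed25519-sha256) standing in for a future scheme, and it leaves the Authentication-Results label for the rsa-sha1 case as a parameter because the draft, as the comment notes, does not say which one to use; the labels for the other cases are likewise this example's choices.

```python
import base64
import hashlib
import hmac
import re

# Algorithm policy as quoted in the ballot: verifiers MUST verify using
# rsa-sha256, and rsa-sha1 MUST NOT be used for signing or verifying.
SUPPORTED_HASHES = {"rsa-sha256": hashlib.sha256}
FORBIDDEN_ALGORITHMS = {"rsa-sha1"}


def parse_dkim_tags(header_value):
    """Split a DKIM-Signature tag=value list into a dict.

    Folding whitespace inside values (common in b= and bh=) is removed;
    only the first '=' separates tag from value so base64 padding survives.
    """
    tags = {}
    for item in header_value.split(";"):
        name, sep, value = item.partition("=")
        if not sep:
            continue
        tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags


def simple_body_hash(body, hash_ctor):
    """Body hash under 'simple' body canonicalization (RFC 6376 3.4.3):
    CRLF line endings, trailing empty lines dropped, exactly one CRLF at
    the end (an empty body hashes as a single CRLF)."""
    canon = body.replace("\r\n", "\n").replace("\n", "\r\n")
    while canon.endswith("\r\n\r\n"):
        canon = canon[:-2]
    if not canon.endswith("\r\n"):
        canon += "\r\n"
    return base64.b64encode(hash_ctor(canon.encode()).digest()).decode()


def evaluate_signature(header_value, body, sha1_result="policy"):
    """First verifier steps: take the hash from the signer's a= tag, then
    check bh=. Returns (action, authentication_results_fragment).

    The verifier does not choose the algorithm: it must use the one the
    signer named, so a signature it may not or cannot process is skipped,
    never re-tried with rsa-sha256. The result labels for the refuse and
    unsupported cases are this example's assumptions, not the draft's."""
    tags = parse_dkim_tags(header_value)
    alg = tags.get("a", "")
    domain = tags.get("d", "")
    if alg in FORBIDDEN_ALGORITHMS:
        return ("refuse", f'dkim={sha1_result} header.d={domain} reason="{alg} not permitted"')
    hash_ctor = SUPPORTED_HASHES.get(alg)
    if hash_ctor is None:
        return ("unsupported", f'dkim=neutral header.d={domain} reason="unknown algorithm {alg}"')
    expected = tags.get("bh", "").encode()
    if not hmac.compare_digest(simple_body_hash(body, hash_ctor).encode(), expected):
        return ("fail", f'dkim=fail header.d={domain} reason="body hash mismatch"')
    return ("proceed", f"body hash verified with {alg}; RSA signature check over h= headers is next")


# Constructed sample: the "signer" side computes bh= for a one-line body.
SAMPLE_BODY = "Hello, DKIM.\r\n"
SAMPLE_BH = simple_body_hash(SAMPLE_BODY, hashlib.sha256)


def sample_header(alg, bh=SAMPLE_BH):
    """DKIM-Signature value for the constructed sample; b= is a placeholder
    because this example stops before the RSA step."""
    return (f"v=1; a={alg}; c=simple/simple; d=example.com; s=sel;\r\n"
            f"\th=from:to:subject; bh={bh};\r\n\tb=PLACEHOLDER==")


if __name__ == "__main__":
    for alg in ("rsa-sha256", "rsa-sha1", "ed25519-sha256"):
        print(alg, evaluate_signature(sample_header(alg), SAMPLE_BODY))
    print("tampered", evaluate_signature(sample_header("rsa-sha256"), "Hello, DKIM!\r\n"))
```

Running the block prints one decision per algorithm plus the tampered-body case; switching `sha1_result` to "neutral" changes only the label in the refuse case, which is exactly the choice the comment says the draft leaves open.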

Alissa Cooper No Record