* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Dcrup Status Pages

DKIM Crypto Update (Concluded WG)
Art Area: Adam Roach, Alexey Melnikov, Ben Campbell | 2017-Apr-28 — 2018-Sep-20 

2017-08-04 charter

DKIM Crypto Update (dcrup)


 Current Status: Active

     Murray Kucherawy <superuser@gmail.com>
     Rich Salz <rsalz@akamai.com>

 Applications and Real-Time Area Directors:
     Ben Campbell <ben@nostrum.com>
     Alexey Melnikov <aamelnikov@fastmail.fm>
     Adam Roach <adam@nostrum.com>

 Applications and Real-Time Area Advisor:
     Alexey Melnikov <aamelnikov@fastmail.fm>

 Tech Advisor:
     Eric Rescorla <ekr@rtfm.com>

 Mailing Lists:
     General Discussion: dcrup@ietf.org
     To Subscribe:       https://www.ietf.org/mailman/listinfo/dcrup
     Archive:            https://mailarchive.ietf.org/arch/browse/dcrup/

Description of Working Group:

  The DKIM Crypto Update (DCRUP) Working Group is chartered to update
  DomainKeys Identified Mail (DKIM, RFC 6376) to handle more modern
  cryptographic algorithms and key sizes. DKIM (RFC 6376) signatures
  include a tag that identifies the hash algorithm and signing algorithm
  used in the signature. The only current algorithm is RSA, with advice
  that signing keys should be between 1024 and 2048 bits. While 1024 bit
  signatures are common, longer signatures are not because bugs in DNS
  provisioning software prevent publishing longer keys as DNS TXT records.

  DKIM also currently supports use of SHA1 coupled with RSA.  SHA1 has been
  formally deprecated due to weakness in numerous contexts.
  The community wishes to discourage its continued use
  in the DKIM context.

  DCRUP will consider four types of changes to DKIM: additional signing
  algorithms such as those based on elliptic curves; changes to key
  strength advice and requirements; deprecating the use of SHA1;
  and new public key forms, such as
  putting the public key in the signature and a hash of the key in the
  DNS to bypass bugs in DNS provisioning software that prevent publishing
  longer keys as DNS TXT records.  Changes will be limited to existing
  implemented algorithms and key forms. Other changes to DKIM, such as new
  message canonicalization schemes, are out of scope.  The WG will as far
  as possible avoid changes incompatible with deployed DKIM signers and

Goals and Milestones:
  Oct 2017 - Agree what algorithms and key formats to add or deprecate
  Dec 2017 - Submit WG draft to IESG as Proposed Standard

All charter page changes, including changes to draft-list, rfc-list and milestones:

Generated from PyHt script /wg/dcrup/charters.pyht Latest update: 24 Oct 2012 16:51 GMT -