Re: [ietf-dkim] DKIM Key Sizes
Scott Kitterman <ietf-dkim@kitterman.com> Mon, 31 October 2016 04:03 UTC
Return-Path: <ietf-dkim-bounces@mipassoc.org>
X-Original-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Delivered-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 031841294D7 for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Sun, 30 Oct 2016 21:03:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.791
X-Spam-Level:
X-Spam-Status: No, score=-1.791 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=kitterman.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jRZbMR5zgFsc for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Sun, 30 Oct 2016 21:03:07 -0700 (PDT)
Received: from simon.songbird.com (simon.songbird.com [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9F5112941C for <ietf-dkim-archive@ietf.org>; Sun, 30 Oct 2016 21:03:07 -0700 (PDT)
Received: from simon.songbird.com (simon.songbird.com [127.0.0.1]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id u9V42whO014973; Sun, 30 Oct 2016 21:03:00 -0700
Authentication-Results: simon.songbird.com; dkim=fail reason="verification failed; unprotected key" header.d=kitterman.com header.i=@kitterman.com header.b=HG00Bftr; dkim-adsp=none (unprotected policy); dkim-atps=neutral
Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [208.43.65.50]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id u9V42sdw014957 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <ietf-dkim@mipassoc.org>; Sun, 30 Oct 2016 21:02:56 -0700
Received: from kitterma-e6430.localnet (static-72-81-252-21.bltmmd.fios.verizon.net [72.81.252.21]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPSA id 0F460C40023 for <ietf-dkim@mipassoc.org>; Sun, 30 Oct 2016 23:04:04 -0500 (CDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=201409; t=1477886644; bh=ZblOC8/mZgEbShdtVST4BivKmSS0ZLKF0rbdKCJ53o4=; h=From:To:Subject:Date:In-Reply-To:References:From; b=HG00BftreQ5svBqh06rHZflHiH+0jnmspkgtjpOSVJLys8znbJye21NaPiEEO550M WnvSDPFOwlExtKD2S/2y9TiGKTg+HtxHK4Z31H58mhRjWJyOml7DybsTx0hvOrGWIx OL6oTDdn7BD0wzF2Nrwvwnrru/5UKg1k8AMucsU4=
From: Scott Kitterman <ietf-dkim@kitterman.com>
To: ietf-dkim@mipassoc.org
Date: Mon, 31 Oct 2016 00:02:03 -0400
Message-ID: <2665588.Zbol7Xll5U@kitterma-e6430>
User-Agent: KMail/4.13.3 (Linux/3.13.0-100-generic; KDE/4.13.3; x86_64; ; )
In-Reply-To: <alpine.OSX.2.11.1610301741360.16303@ary.qy>
References: <CAOj=BA3TFzxnHHZ+-tpoMCWxhaGvOg0RREbcYbpzS9g3g8i=Qg@mail.gmail.com> <CAOj=BA0PSQC4gQpdqEs1GnoWMurjFtdM1AzpyP-cCo9Z7kLmHQ@mail.gmail.com> <alpine.OSX.2.11.1610301741360.16303@ary.qy>
MIME-Version: 1.0
Subject: Re: [ietf-dkim] DKIM Key Sizes
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim/>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: ietf-dkim-bounces@mipassoc.org
Sender: ietf-dkim <ietf-dkim-bounces@mipassoc.org>
On Sunday, October 30, 2016 05:50:33 PM John R. Levine wrote: > > It's also probably worth ensuring that the major open source DKIM > > implementations support both signing and verifying with 4096-bit keys. > > Aside from OpenDKIM and dkimpy, are there any others that should be > > checked? > Perl Mail::DKIM is still widely used. It calls Crypt::OpenSSL::RSA which > is a wrapper around openssl so I'd be surprised if it had trouble with > large keys. There's also https://sourceforge.net/projects/libdkim/ by ALT-N. Scott K _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
- [ietf-dkim] DKIM Key Sizes Peter Goldstein
- Re: [ietf-dkim] DKIM Key Sizes Jon Callas
- Re: [ietf-dkim] Smaller keys/Bigger privacy (was:… Jon Callas
- Re: [ietf-dkim] DKIM Key Sizes Stephen Farrell
- Re: [ietf-dkim] DKIM Key Sizes Eliot Lear
- Re: [ietf-dkim] DKIM Key Sizes Rolf E. Sonneveld
- Re: [ietf-dkim] DKIM Key Sizes Eliot Lear
- Re: [ietf-dkim] DKIM Key Sizes Eliot Lear
- Re: [ietf-dkim] DKIM Key Sizes John R. Levine
- Re: [ietf-dkim] DKIM Key Sizes Martijn Grooten
- Re: [ietf-dkim] DKIM Key Sizes Roland Turner
- Re: [ietf-dkim] DKIM Key Sizes Peter Goldstein
- Re: [ietf-dkim] DKIM Key Sizes John R. Levine
- Re: [ietf-dkim] DKIM Key Sizes Jon Callas
- Re: [ietf-dkim] DKIM Key Sizes Scott Kitterman
- Re: [ietf-dkim] DKIM Key Sizes Jim Fenton
- Re: [ietf-dkim] DKIM Key Sizes Eliot Lear
- Re: [ietf-dkim] DKIM Key Sizes Brandon Long