Key size advisory

From: Murray S. Kucherawy <>
Date: Wed, 24 Oct 2012 13:04:08 -0700 (PDT)

There has been a lot of press today about weak DKIM keys in production.
For example:

libopendkim has, since its very earliest versions (and going back into its
life as "libdkim"), it has included an accessor function that allows the
caller to ask for the size of the key used to generate the signature.
This means users of the library can already selectively ignore signatures
generated with weak keys, without the need for a patch to the library.
(You might not yet be using the accessor, but it is available to you.)

The filter has not, however, made use of this other than for logging.
Moreover, there's nothing preventing one from generating signatures with
weak keys, other than documentation.

As of 2.7.0, there will be a (configurable) minimum key size of 1024 both
for signing and verifying; received signatures that don't meet the limit
will not be able to pass, and giving the library a key that doesn't meet
the minimum will result in an error.

2.7.0 will be released in the very near future.

Received on Wed Oct 24 2012 - 20:04:24 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:44 PST