"unprotected key" with DNSSEC

From: Jim Fenton <fenton_at_bluepopcorn.net>
Date: Tue, 30 Aug 2016 16:39:29 -0700


I sent a test message to myself through a forwarder (I had some problems
with the milter config after a Linux upgrade) and now it's signing and
verifying, but reporting that the key is unprotected. But my domain is
DNSSEC signed, so I wonder why I'm seeing this.

A sample signature:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bluepopcorn.net;
        s=supersize; t=1472599245;

and Authentication-Results:

Authentication-Results: v2.bluepopcorn.net; dkim=pass
        reason="1024-bit key; unprotected key"
        header.d=bluepopcorn.net header.i=_at_bluepopcorn.net
        header.b=WwWpOCSI; dkim-adsp=pass; dkim-atps=neutral

Any ideas?

Received on Tue Aug 30 2016 - 23:41:59 PST

This archive was generated by hypermail 2.3.0 : Tue Aug 30 2016 - 23:54:01 PST