[cryptography] DKIM: Who cares?

Matthew Green matthewdgreen at gmail.com
Wed Oct 24 19:57:54 EDT 2012

That's my impression. 

Others have pointed out that 512 bits is a limit imposed by DNS/UDP text record sizes (much more and you need TCP). I don't know if that's accurate and I'm not sure it contradicts my first answer. 


On Oct 24, 2012, at 7:21 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:

> Steven Bellovin recently forwarded the following link to another list:
>  http://www.wired.com/threatlevel/2012/10/dkim-vulnerability-widespread/all/
> In summary, it turns out that what seems like half the world's DKIM users are
> using toy keys as short as 384 bits.  This isn't just Joe's Pizza and
> Panelbeating, it's a worldwide who's-who of big-site DKIM users all using weak
> keys.  Does anyone know why they all do this?  Since it's so widespread, my
> guess is that the organisations involved don't really care about it and are
> just going through the motions, "we're doing this for form's sake and because
> not doing so would look bad, not because we believe it adds anything
> worthwhile".
> Peter.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

More information about the cryptography mailing list