[cryptography] DKIM: Who cares?
fenton at bluepopcorn.net
Fri Oct 26 16:58:27 EDT 2012
On 10/24/12 9:18 PM, Jon Callas wrote:
> Note the weasel-words "long-lived." I think that the people caught out
in this were risking things -- but let's > also note that the length of
exposure is the TTL of the DNS entries.
I wouldn't characterize those as weasel-words, but rather that they were
intentionally vague given the computational advances that can be
expected during the lifetime of an IETF specification.
John Graham observed this problem in mid-2010:
and I did a survey of key lengths used by known signing domains at the time:
It would be interesting to see if the distribution has changed since
then, but unfortunately I don't have access to that info any more.
-Jim (another of the authors)
More information about the cryptography