On 1/12/2015 10:25 PM, Franck Martin wrote:
Seems the score for key <1024 needs to oppose the DKIM score so the
end result is zero.
That's an interesting idea but I think the project is likely to make the
rule available with a minimal score for the admin to decide.
We are working more and mor
On Jan 12, 2015, at 4:58 PM, Mark Martinec wrote:
>> On January 12, 2015 8:06:00 AM EST, Mark Martinec
>>> It would be wrong to assign score to short keys.
>
> Kevin A. McGrail wrote:
>> Actually the rfc specifies that keys 512 to 2048 bits must be verified
>> so I think there is a grey area an
On January 12, 2015 8:06:00 AM EST, Mark Martinec
It would be wrong to assign score to short keys.
Kevin A. McGrail wrote:
Actually the rfc specifies that keys 512 to 2048 bits must be verified
so I think there is a grey area and there is this long-lived key
caveat as well.
I think if we ca
Actually the rfc specifies that keys 512 to 2048 bits must be verified so I
think there is a grey area and there is this long-lived key caveat as well.
I think if we can make a rule that fires on <1024 bits it's would be good. The
score may not be much but it could be helpful.
Regards,
KAM
On
On Jan 11, 2015, at 3:40 PM, Kevin A. McGrail
wrote:
I disagree as well. You can't cherry pick your quotes and you are
missing
the long-lived caveat as well as the next sentence: Verifiers MUST be
able
to validate signatures with keys ranging from 512 bits to 2048 bits
If it is 512 to 2048, I
On 1/11/2015 10:04 PM, Franck Martin wrote:
On Jan 11, 2015, at 3:40 PM, Kevin A. McGrail wrote:
I disagree as well. You can't cherry pick your quotes and you are missing the
long-lived caveat as well as the next sentence: Verifiers MUST be able to
validate signatures with keys ranging from 5
> On Jan 11, 2015, at 3:40 PM, Kevin A. McGrail wrote:
>
> I disagree as well. You can't cherry pick your quotes and you are missing the
> long-lived caveat as well as the next sentence: Verifiers MUST be able to
> validate signatures with keys ranging from 512 bits to 2048 bits
>
> If it is
I disagree as well. You can't cherry pick your quotes and you are missing the
long-lived caveat as well as the next sentence: Verifiers MUST be able to
validate signatures with keys ranging from 512 bits to 2048 bits
If it is 512 to 2048, I think the rfc is clear for recipients.
Regards,
KAM
Kevin A. McGrail:
https://wordtothewise.com/2012/11/how-long-is-your-dkim-key/
It's a recommendation not a requirement so the pass even when lower
than 1024 is accurate.
I disagree.
Lauras article is more then two years old. But since more then 4 years
( Sep 2011 )
RFC 6376 say very cl
On 1/11/2015 12:45 PM, Benny Pedersen wrote:
Kevin A. McGrail skrev den 2015-01-11 18:16:
A quick Google search brings up this
https://wordtothewise.com/2012/11/how-long-is-your-dkim-key/
It's a recommendation not a requirement so the pass even when lower
than 1024 is accurate.
bug created,
Kevin A. McGrail skrev den 2015-01-11 18:16:
A quick Google search brings up this
https://wordtothewise.com/2012/11/how-long-is-your-dkim-key/
It's a recommendation not a requirement so the pass even when lower
than 1024 is accurate.
bug created, https://sourceforge.net/p/opendkim/bugs/215/
Am 11.01.2015 um 18:16 schrieb Kevin A. McGrail:
> On 1/10/2015 4:01 PM, Benny Pedersen wrote:
>> opendkim have minimal keysize of 1024, else its considered invalid, so
>> i am asking should Mail::DKIM follow this as valid or invalid even if
>> the key check is PASS ?
>>
>> this leads to spamassass
On 1/10/2015 4:01 PM, Benny Pedersen wrote:
opendkim have minimal keysize of 1024, else its considered invalid, so
i am asking should Mail::DKIM follow this as valid or invalid even if
the key check is PASS ?
this leads to spamassassin VALID, but opendkim testing INVALID
hmm
A quick Google
opendkim have minimal keysize of 1024, else its considered invalid, so i
am asking should Mail::DKIM follow this as valid or invalid even if the
key check is PASS ?
this leads to spamassassin VALID, but opendkim testing INVALID
hmm
14 matches
Mail list logo
