Steven Bellovin recently forwarded the following link to another list: http://www.wired.com/threatlevel/2012/10/dkim-vulnerability-widespread/all/ In summary, it turns out that what seems like half the world's DKIM users are using toy keys as short as 384 bits. This isn't just Joe's Pizza and Panelbeating, it's a worldwide who's-who of big-site DKIM users all using weak keys. Does anyone know why they all do this? Since it's so widespread, my guess is that the organisations involved don't really care about it and are just going through the motions, "we're doing this for form's sake and because not doing so would look bad, not because we believe it adds anything worthwhile". Peter. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE