[cryptography] DKIM: Who cares?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Oct 24 16:21:56 PDT 2012
Steven Bellovin recently forwarded the following link to another list:
http://www.wired.com/threatlevel/2012/10/dkim-vulnerability-widespread/all/
In summary, it turns out that what seems like half the world's DKIM users are
using toy keys as short as 384 bits. This isn't just Joe's Pizza and
Panelbeating, it's a worldwide who's-who of big-site DKIM users all using weak
keys. Does anyone know why they all do this? Since it's so widespread, my
guess is that the organisations involved don't really care about it and are
just going through the motions, "we're doing this for form's sake and because
not doing so would look bad, not because we believe it adds anything
worthwhile".
Peter.
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list