-
ari
> Can we use macs ciphers besides RSA1024 now for DKIM signatures? unsure what ue askinf cuz my brain is slightly mush bc its 4 AM rn but i myself use RSA2048 for my dkim RSA4096 is gaining better support with time ed25519 too but its muuuccchh worse than rsa4096✎ ↺ -
ari
idk who uses rsa1024 for dkim anymore tbh xD
-
ari
> A few years back I tried using longer DKIM RSA keys but ran into issues with incorrectly configured legacy hosts who could not fall back to DNS/TCP or handle IP fragments properly which is needed to handle such long DNS responses. I tried signing both with RSA and a modern elliptic curve based cipher but a lot of legacy mail hosts got confused by this and could not correctly use a dkim selector they implemented if mails had multiple signatures on them. u can have multiple DKIM selectors iirc u can try tk have rsa1024 ( ?? ) for very legacy systems or even 512 xD, 2048 for most, and either rsa4096 or ed25519 for modern hosts✎ ↺ -
ari
> Can we use macs ciphers besides RSA1024 now for DKIM signatures? unsure what ue askinf cuz my brain is slightly mush bc its 4 AM rn but i myself use RSA2048 for my dkim RSA4096 is gaining better support with time ed25519 too but its muuuccchh worse ( in support, not security ) than rsa4096 ✏ ↺
-
ari
> A few years back I tried using longer DKIM RSA keys but ran into issues with incorrectly configured legacy hosts who could not fall back to DNS/TCP or handle IP fragments properly which is needed to handle such long DNS responses. I tried signing both with RSA and a modern elliptic curve based cipher but a lot of legacy mail hosts got confused by this and could not correctly use a dkim selector they implemented if mails had multiple signatures on them. u can have multiple DKIM selectors iirc ( my friend does this ) u can try tk have rsa1024 ( ?? ) for very legacy systems or even 512 xD, 2048 for most, and either rsa4096 or ed25519 for modern hosts ✏ ↺
-
tom
ok so here's what I've found. Modern versions of openssl can't even read rsa1024 keys anymore and think they are invalid!? yet they can still read rsa2048. I can't use ed25519 because of rspamd using a stupid custom encoding format for ed25519 keys only that's not compatible with PEM or DER. If I sign with both rsa1024 and rsa2048 both signatures are consider invalid.
-
tom
dumb as hell
-
tom
https://github.com/rspamd/rspamd/issues/4630
-
tom
suddently all rsa1024 domain keys are considered 'not valid' by all the checking tools✎ -
tom
suddenly all rsa1024 domain keys are considered 'not valid' by all the checking tools ✏
-
ari
> suddenly all rsa1024 domain keys are considered 'not valid' by all the checking tools its deprecated probably, try rsa2048 ↺
-
tom
perfectly good rsa1024 domainkey: This doesn't seem to be a valid RSA public key: RSA.xs:194: OpenSSL error: bad base64 decode at blib/lib/Crypt/OpenSSL/RSA.pm (autosplit into blib/lib/auto/Crypt/OpenSSL/RSA/new_public_key.al) line 88. rsa2048: This is a valid DKIM key record This is not a good DKIM key record. You should fix the errors shown in red. The only valid value for the k= field is 'rsa' This doesn't seem to be a valid RSA public key: RSA.xs:194: OpenSSL error: expecting an rsa key at blib/lib/Crypt/OpenSSL/RSA.pm (autosplit into blib/lib/auto/Crypt/OpenSSL/RSA/new_public_key.al) line 88.
-
tom
So it seems most of the world is still stuck in some kind of limbo between rfc8301, rfc8463, and what version of openssl they have installed
-
tom
*facepalm*
-
tom
I guess i'll just remove rsa1024 signatures and sign with rsa2038 until further notice when software gets fixed.
π 1 -
ari
> I guess i'll just remove rsa1024 signatures and sign with rsa2038 until further notice when software gets fixed. π ↺
-
moparisthebest
2038 is an odd choice π
-
Martin
Unix time epoch?
-
moparisthebest
epochalypse
-
Brian
> 2038 is an odd choice π #BlameBinary ↺
-
Brian
At least, compared to Y2K, that problem is mostly fixed now. Deployment is still an issue in some cases.
-
Martin
I think Debian should be safe from Trixie on, which will probably be released soonβ’οΈ.