Re: [cryptography] DKIM: Who cares?
I think it's more likely that DKIM is affecting spammers so little (if at all) that they never really cared about it, and the organisations deploying it know that and don't bother doing anything more than going through the motions using the shortest (= lowest-overhead) keys. Hmmn. Is there some point to speculating about the behavior of mail systems about which you know nothing? I'm typing this from a conference attended by all of the large ISPs in North America and many from Europe and Asia. I can assure you that they do check DKIM and they do use it to do the things that it can do. Random spam from random addresses is little affected by DKIM; it's hard to imagine why anyone who was familar with it would think otherwise. It's quite useful to recognize mail from known senders, which makes it easier to recognize and deal with some kinds of phishing. As more people use it, it's very useful to bypass filtering for known good signers and decrease the filtering load R's, John ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] DKIM: Who cares?
Note the weasel-words long-lived. I think that the people caught out in this were risking things -- but let's also note that the length of exposure is the TTL of the DNS entries. Seems to me that if it's possible to reverse engineer the signing key in three days, you'd need to change the key more often than that. I've asked around, and found that it's rare for people to rotate their DKIM keys more often than quarterly. So even if a key takes two months to crack, there could still be a fairly wide window to use the cracked key before it's rotated. I rotate every month, but appear to be the only mail system in the world that rotates that often. This kind of key problem isn't specific to DKIM, of course. DKIM key rotation is very easy, and you can use at least a 1536 bit key before you run into DNS packet size issues, so it's not hard to do right. R's, John ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] anyone got a how not to use OpenSSL list?
While more proper uses of OpenSSL vs improper, participates of the discussion might enjoy the following whitepaper and tool release by iSEC Partners and an Academic look at popular non-browser SSL failures (bottom): https://www.isecpartners.com/blog/2012/10/14/the-lurking-menace-of-broken-tls-validation.html Everything You’ve Always Wanted to Know About Certificate Validation With OpenSSL: https://www.isecpartners.com/storage/files/everything-you-wanted-to-know-about-openssl.pdf TLSPretense is a tool for testing certificate and hostname validation as part of an TLS/SSL connection https://github.com/iSECPartners/tlspretense This was released in tandem with Dan Boneh, M. Georgiev, S. Iyengar, S. Jana, R. Anubhai's SSL paper: The most dangerous code in the world: validating SSL certificates in non-browser software: https://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html -Aaron On Wed, Oct 24, 2012 at 8:41 PM, Jeffrey Walton noloa...@gmail.com wrote: On Wed, Oct 10, 2012 at 1:34 PM, travis+ml-rbcryptogra...@subspacefield.org wrote: I want to find common improper usages of OpenSSL library for SSL/TLS. Can be reverse-engineered from a how to properly use OpenSSL FAQ, probably, but would prefer information to the first point rather than its complement. -- http://www.subspacefield.org/~travis/ Calling RAND_pseudo_bytes instead of RAND_bytes. To make matters worst, they return slightly different values - 0 means failure for RAND_bytes; while 0 means non-cryptographic bytes have been returned for RAND_pseudo_bytes. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography