On 10/24/12 9:18 PM, Jon Callas wrote:
>
> Note the weasel-words "long-lived." I think that the people caught out in this were risking things -- but let's
> also note that the length of exposure is the TTL of the DNS entries.

I wouldn't characterize those as weasel-words, but rather that they were intentionally vague given the computational advances that can be expected during the lifetime of an IETF specification.

John Graham observed this problem in mid-2010:
http://blog.jgc.org/2010/06/facebooks-dkim-rsa-key-should-be.html

and I did a survey of key lengths used by known signing domains at the time:
http://blogs.cisco.com/security/key_lengths_for_dkim_signatures/

It would be interesting to see if the distribution has changed since then, but unfortunately I don't have access to that info any more.

-Jim (another of the authors)

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
