Re: [dkim-milter-discuss] rsa-sha256 not available with CentOS5/RHEL5?

Thu, 16 Aug 2007 23:42:22 -0700 

Adam Gibson skrev, on 17-08-2007 04:13:

> I was planning on deploying dkim-milter but I noticed that after 
> compiling and installing I got the error below on the reply from 
> [EMAIL PROTECTED]  After searches on the subject I gather that older 
> versions of OpenSSL do not support rsa-sha256.  Is this correct?
> 
> (verification error: signature algorithm invalid) [EMAIL PROTECTED]
> 
> [EMAIL PROTECTED] ~]$ dkim-filter -V
> dkim-filter: Sendmail DKIM Filter v2.1.1
>         Compiled with OpenSSL 0.9.7a Feb 19 2003
>         Supported signing algorithms:
>                 rsa-sha1
>         Supported canonicalization algorithms:
>                 relaxed
>                 simple
> 
> I am just surprised that the latest version of CentOS5/RHEL5 would be 
> too outdated to use [EMAIL PROTECTED]

As Kaspar points out, RHL5 has openssl 0.9.8 as standard. I'm running 
dkim-milter 2.1.1 with Postfix 2.4.5 on RHL5 and it's signing with 
rsa-sha256.

Working perfectly, by the way.

> I am pretty much stuck with 
> the default openssl versions for support reasons so I am wondering how 
> wide spread sha256 is used.  I know that sha1 is getting outdated and 
> has issues that make it easier to crack but it seems like a bad idea to 
> push an algorithm that some of the well known OS vendors do not support 
> by default... especially if we want dkim-milter to get used by as many 
> mail servers as we can.
> 
> Or did I do something wrong and sha256 is supported with openssl 0.9.7a?

If you want a RHL5 dkim-milter 2.1.1 rpm or srpm I can give you one - 
though it will be doing things my way ('cos it's my own spec), which may 
not be yours ;)

Best,

--Tonni

-- 
Tony Earnshaw
Email: tonni at hetnet dot nl


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss

Reply via email to