* DMARC noob; excuse any naivety; did at least search the mail list archives and site FAQ for my keywords before posting here.
I'm currently working on getting senders with weak DKIM keys to upgrade, and getting verifiers that "pass" DKIM that has been signed with a weak key to be more strict. (Say you get a valid DKIM signature based on a 384-bit public key (there are such things out there!, and they are fun to factor on an ordinary laptop in less than 24 hours); what rfc5451 result would you give it? "policy"? How about 512 or 768 bits?) Jim Fenton mentioned to me the idea that weak DKIM keys could be something that verifiers report back to senders as part of DMARC feedback. Doable? -Zach _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
