On Wed, Mar 08, 2023 at 07:42:56AM +0100, Patrick Ben Koetter via Postfix-users
wrote:
> - The key material is 4096 Bit and it was brought to my attention there's a
> bug / missing functionality (?) in opendmarc which results in the program
> being unable to handle keys at sizes larger than 2024 Bit.
I assume that's 2048-bit, not 2024. Further:
- NEVER use 4096-bit RSA. If your security requirements merit a
4096-bit RSA key, don't use RSA. All the long-term keys securing
the operating system updates you rely on, the DNSSEC key of the root
zone, ... are all 2048-bits. The threat models for 4096-bit RSA
look rather questionable to me. All I see when I see 4096-bit RSA
is a fashion statement.
- You could even consider a 1024-bit RSA key for less bloat, and
just roll a new key and selector every ~90-180 days. DKIM
verifiers use unauthenticated DNS to retrieve the key. It makes
little sense to be worried about ~0.5 million core-year attacks on
1024-bit RSA just to forge some DKIM messages.
Example (cert.org, with little cause for concern, don't even roll the
key all that often):
$ dig +short -t txt selector1._domainkey.cert.org. |
sed -ne 's/.*p=\([^;]*\).*/\1/p' | tr -d '"; ' |
openssl base64 -A -d |
openssl pkey -pubin -inform DER -noout -text
RSA Public-Key: (1024 bit)
Modulus:
00:b6:de:68:e1:67:b4:f3:88:d5:c8:6f:79:04:99:
6f:4a:d2:9d:1e:70:3c:cd:e3:4b:67:1e:a0:f1:f2:
94:7b:91:92:a1:09:22:a4:4d:f0:47:d1:74:3b:65:
b1:ac:9e:2c:a2:0d:8f:ef:df:03:f9:a1:58:63:79:
a5:14:5c:47:3d:a2:34:f4:a0:bc:45:e1:73:67:28:
58:70:fb:2d:92:2d:aa:3e:1b:d9:ba:30:b8:d9:29:
1d:dc:e5:a8:d3:59:7a:a6:41:23:c2:d6:74:4d:36:
f9:8c:2c:38:c0:52:8a:79:1b:b8:d1:ce:cc:58:47:
33:8e:d2:dc:21:b7:2b:17:27
Exponent: 65537 (0x10001)
However, deliberately minimal key sizes to make a point are also a
statement, be it on the non-conformist side. So you're safe with
2048-bit keys, which will remain interoperable longer, given
increasingly strict "crypto policies" in some recent OS "distros"...
--
Viktor.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
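An added example, not part of Viktor's mail: the same check his dig | sed | openssl pipeline performs, done offline in the Python standard library so it can be run against any pasted DKIM TXT record without dig or openssl. It joins the quoted strings dig prints for long records, pulls out p=, decodes the DER SubjectPublicKeyInfo with a minimal hand-written reader, and reports the RSA modulus size. The sample input is constructed here: the 1024-bit modulus is the cert.org one printed above, the TXT wrapper around it is generated by the script, and the 2048-bit value `(1 << 2047) | 1` is a placeholder integer used only to exercise the size check and multi-string record handling, not a real key.

```python
"""Offline equivalent of `dig ... | sed | openssl pkey -text` for DKIM keys:
extract p= from a TXT record, decode the DER SubjectPublicKeyInfo by hand,
and report the RSA modulus size. The DER helpers are minimal on purpose and
only cover what an RSA SubjectPublicKeyInfo needs."""
import base64
import re

RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption

# ---- minimal DER encoder (used only to build the constructed sample record) ----
def der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def der_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_len(len(content)) + content

def der_int(value: int) -> bytes:
    b = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if b[0] & 0x80:            # leading 0x00 keeps the INTEGER positive
        b = b"\x00" + b
    return der_tlv(0x02, b)

def rsa_spki(n: int, e: int) -> bytes:
    """SubjectPublicKeyInfo for an RSA key, i.e. what DKIM base64-encodes into p=."""
    rsa_public_key = der_tlv(0x30, der_int(n) + der_int(e))
    algorithm = der_tlv(0x30, der_tlv(0x06, RSA_OID) + b"\x05\x00")
    return der_tlv(0x30, algorithm + der_tlv(0x03, b"\x00" + rsa_public_key))

# ---- minimal DER reader ----
def der_read(buf: bytes, pos: int = 0):
    """Return (tag, content, position after the element) for the TLV at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next N bytes hold the length
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(spki: bytes) -> int:
    tag, body, _ = der_read(spki)
    if tag != 0x30:
        raise ValueError("p= is not a DER SEQUENCE")
    _, algorithm, pos = der_read(body)            # AlgorithmIdentifier
    _, oid, _ = der_read(algorithm)
    if oid != RSA_OID:
        raise ValueError("not an rsaEncryption key")
    tag, bitstring, _ = der_read(body, pos)       # subjectPublicKey BIT STRING
    if tag != 0x03 or bitstring[0] != 0:
        raise ValueError("malformed subjectPublicKey")
    _, rsa_public_key, _ = der_read(bitstring[1:])
    tag, modulus, _ = der_read(rsa_public_key)    # RSAPublicKey.modulus
    if tag != 0x02:
        raise ValueError("modulus is not an INTEGER")
    return int.from_bytes(modulus, "big").bit_length()

def dkim_pubkey(txt: str) -> bytes:
    """Extract and decode p= from a TXT record as `dig +short` prints it."""
    # dig prints records longer than 255 octets as several quoted strings;
    # RFC 6376 says to concatenate them before parsing the tag=value list.
    joined = "".join(re.findall(r'"([^"]*)"', txt)) or txt
    tags = {}
    for part in joined.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    if tags.get("k", "rsa") != "rsa":
        raise ValueError(f"unsupported key type {tags['k']!r}")
    if not tags.get("p"):
        raise ValueError("empty p=: key has been revoked")
    return base64.b64decode(re.sub(r"\s+", "", tags["p"]))

def dkim_rsa_bits(txt: str) -> int:
    return rsa_modulus_bits(dkim_pubkey(txt))

# ---- constructed sample input ----
# The modulus is the cert.org one shown in the openssl output above; the TXT
# record wrapped around it is generated here, not fetched from DNS.
CERT_ORG_MODULUS_HEX = """
00:b6:de:68:e1:67:b4:f3:88:d5:c8:6f:79:04:99:
6f:4a:d2:9d:1e:70:3c:cd:e3:4b:67:1e:a0:f1:f2:
94:7b:91:92:a1:09:22:a4:4d:f0:47:d1:74:3b:65:
b1:ac:9e:2c:a2:0d:8f:ef:df:03:f9:a1:58:63:79:
a5:14:5c:47:3d:a2:34:f4:a0:bc:45:e1:73:67:28:
58:70:fb:2d:92:2d:aa:3e:1b:d9:ba:30:b8:d9:29:
1d:dc:e5:a8:d3:59:7a:a6:41:23:c2:d6:74:4d:36:
f9:8c:2c:38:c0:52:8a:79:1b:b8:d1:ce:cc:58:47:
33:8e:d2:dc:21:b7:2b:17:27
"""
CERT_ORG_N = int("".join(CERT_ORG_MODULUS_HEX.split()).replace(":", ""), 16)

def sample_txt_record(n: int, e: int = 65537) -> str:
    """Render a DKIM record the way dig +short shows it (255-octet strings)."""
    record = "v=DKIM1; k=rsa; p=" + base64.b64encode(rsa_spki(n, e)).decode()
    return " ".join(f'"{record[i:i + 255]}"' for i in range(0, len(record), 255))

if __name__ == "__main__":
    # (1 << 2047) | 1 is a placeholder 2048-bit integer, not a real RSA modulus.
    for label, n in (("cert.org", CERT_ORG_N), ("placeholder", (1 << 2047) | 1)):
        print(label, dkim_rsa_bits(sample_txt_record(n)), "bit")
```

To check a live selector, paste the `dig +short -t txt <selector>._domainkey.<domain>.` output into `dkim_rsa_bits()`; the quoted-string joining is the same thing the `tr -d '"; '` step in the pipeline above does, and an empty `p=` is reported as a revoked key rather than a parse error.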