> On Jan 11, 2015, at 3:40 PM, Kevin A. McGrail <kmcgr...@pccc.com> wrote: > > I disagree as well. You can't cherry pick your quotes and you are missing the > long-lived caveat as well as the next sentence: Verifiers MUST be able to > validate signatures with keys ranging from 512 bits to 2048 bits > > If it is 512 to 2048, I think the rfc is clear for recipients.
Gmail and a few others have decided to behave like if there was no DKIM signature if the key <1024. Because today nearly anyone can crack a 512bits DKIM key and just for a few dollars. spamassassin could add positive points if the key <1024