> On Jan 11, 2015, at 3:40 PM, Kevin A. McGrail <kmcgr...@pccc.com> wrote:
> 
> I disagree as well. You can't cherry pick your quotes and you are missing the 
> long-lived caveat as well as the next sentence: Verifiers MUST be able to 
> validate signatures with keys ranging from 512 bits to 2048 bits
> 
> If it is 512 to 2048, I think the rfc is clear for recipients. 

Gmail and a few others have decided to behave like if there was no DKIM 
signature if the key <1024. Because today nearly anyone can crack a 512bits 
DKIM key and just for a few dollars.

spamassassin could add positive points if the key <1024

Reply via email to