Re: verification error: empty key record; insecure key

From: Benny Pedersen <me_at_junc.org>
Date: Sat, 18 Aug 2012 00:01:44 +0200

Den 2012-08-17 20:16, Scott Kitterman skrev:
> On Friday, August 17, 2012 10:47:00 AM SM wrote:
>> At 10:33 17-08-2012, Benny Pedersen wrote:
>> >Message-ID: <1367995.li6hrOxpKc_at_scott-latitude-e6320>
>>
>> message has signatures from ietf.org, kitterman.com
>>
>> dkim=pass\n\treason="1024-bit key; insecure key"
>> header.i=_at_ietf.org\n\theader.b=TopKedBY; dkim-adsp=none (insecure
>> policy)
>>
>> s=ietf1 d=ietf.org SSL error:04091068:rsa
>> routines:INT_RSA_VERIFY:bad signature
>>
>> That last entry should be for the prior DKIM signature which was
>> invalidated as it passed through the mailing list, I
>> presume. Anyway, there is something odd in the above.
>
> The original mail was signed with opendkim and should, based on all
> my tests,
> have been properly signed. Most IETF lists munge mail in some way,
> so I'm not
> at all suprised the kitterman.com signature failed to verify.

Authentication-Results: home.junc.org; dkim=pass reason="1024-bit key"
        header.d=opendkim.org
header.i=opendkim-users-bounce_at_lists.opendkim.org
        header.b=lYhG2fS5; dkim-adsp=pass

just verifying last added signatures here, default is last 3

now i can Enable LocalADSP safely imho

> I'm cc'ing you on this mail so you'll have a direct mail from me to
> use for
> comparison.

thanks will reply in a moment
Received on Fri Aug 17 2012 - 22:01:39 PST