Key size advisory

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Wed, 24 Oct 2012 13:04:08 -0700 (PDT)

There has been a lot of press today about weak DKIM keys in production.
For example:

http://www.kb.cert.org/vuls/id/268267
http://www.wired.com/threatlevel/2012/10/dkim-vulnerability-widespread

libopendkim has, since its very earliest versions (and going back into its
life as "libdkim"), included an accessor function that allows the
caller to ask for the size of the key used to generate the signature.
This means users of the library can already selectively ignore signatures
generated with weak keys, without the need for a patch to the library.
(You might not yet be using the accessor, but it is available to you.)

The filter has not, however, made use of this other than for logging.
Moreover, there's nothing preventing one from generating signatures with
weak keys, other than documentation.

As of 2.7.0, there will be a (configurable) minimum key size of 1024 both
for signing and verifying; received signatures that don't meet the limit
will not be able to pass, and giving the library a key that doesn't meet
the minimum will result in an error.

2.7.0 will be released in the very near future.

-MSK
Received on Wed Oct 24 2012 - 20:04:24 PST
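
The minimum-size check described in the message, as an added example that is not part of the original post and is not libopendkim code: it reads the RSA modulus length straight from a DKIM key record's p= tag and compares it with the 1024-bit minimum. The function names and the sample records are assumptions made for this example; sample_record() builds records with the correct DER layout but a filler modulus.

```python
import base64

MIN_KEY_BITS = 1024  # minimum stated in the message (configurable there)
RSA_ALG = bytes.fromhex("06092a864886f70d0101010500")  # OID rsaEncryption + NULL

def _tlv(tag, value):
    """DER-encode one element (used only to build the constructed samples)."""
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def _read(buf, pos, want):
    """Check the tag at pos and return (value_start, value_end)."""
    if pos + 2 > len(buf) or buf[pos] != want:
        raise ValueError("unexpected DER structure")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return pos, pos + length

def rsa_key_bits(record):
    """Modulus size in bits of the RSA key in a DKIM key record's p= tag."""
    parts = (item.partition("=") for item in record.split(";"))
    tags = {k.strip(): "".join(v.split()) for k, _, v in parts}  # drop folding space
    der = base64.b64decode(tags.get("p", ""))
    start, _ = _read(der, 0, 0x30)                   # SubjectPublicKeyInfo
    _, alg_end = _read(der, start, 0x30)             # AlgorithmIdentifier, skipped
    bits_start, _ = _read(der, alg_end, 0x03)        # BIT STRING wrapping the key
    key_start, _ = _read(der, bits_start + 1, 0x30)  # RSAPublicKey, after pad byte
    n_start, n_end = _read(der, key_start, 0x02)     # INTEGER modulus
    return int.from_bytes(der[n_start:n_end], "big").bit_length()

def meets_minimum(record, minimum=MIN_KEY_BITS):
    return rsa_key_bits(record) >= minimum

def sample_record(bits):
    """Constructed record: correct DER layout, filler modulus, not a usable key."""
    modulus = _tlv(0x02, b"\x00" + b"\xc3" * (bits // 8))
    rsa_key = _tlv(0x30, modulus + _tlv(0x02, b"\x01\x00\x01"))
    spki = _tlv(0x30, _tlv(0x30, RSA_ALG) + _tlv(0x03, b"\x00" + rsa_key))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

if __name__ == "__main__":
    for bits in (512, 768, 1024, 2048):
        rec = sample_record(bits)
        print(bits, rsa_key_bits(rec), "accept" if meets_minimum(rec) else "reject")
```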
