Re: [Exim] Yahoo DomainKeys...

Top Page
Delete this message
Reply to this message
Author: Ian A B Eiloart
Date:  
To: exim-users
Subject: Re: [Exim] Yahoo DomainKeys...

--On Wednesday, May 19, 2004 12:31 pm +0200 Andre Grueneberg
<andre@???> wrote:

> --
> Matthew Byng-Maddick wrote:
>> As far as I'm concerned, http://antispam.yahoo.com/domainkeys#a12 is a
>> show-stopper.
>
> AFAICS supporting 8bit-clean transmission on all transit systems is
> necessary or the signing party has to convert the mail to
> quoted-printables (I don't see the necessity of 8BITMIME on all
> participating systems, as stated in the draft). This makes Exim unable
> to be the signing party.
>
>> The use of 384-bit keys worries me, especially following his claim about
>> authentication of the domain.
>
> I had a closer look at it this morning. I assume spammers will be able
> to factorize RSA384 in less than a week. (Let's assume 1000 MIPS years
> being necessary, a modern PC CPU does about 8000 MIPS, 20 PCs -- this is
> today and a rather conservative calculation). This would require daily
> rekeying, which is impracticle.
>


Of course, if they just go out and hijack a couple of thousand third party
PCs, they should be able to do this in minutes.


--
Ian Eiloart
Servers Team
Sussex University ITS