From ae20ad128fff6d9111741dd4475d277b0eef946f Mon Sep 17 00:00:00 2001 From: Scott Kitterman Date: Mon, 5 Feb 2018 14:44:49 -0500 Subject: [PATCH] Update README --- README | 29 +++++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/README b/README index a159640..64e651e 100644 --- a/README +++ b/README @@ -65,9 +65,8 @@ The reason for the test failure is that the ARC specification (as of 20170120) sets the minimum key size to 512 bits. This is operationally inappropriate, so dkimpy sets the default minkey=1024, the same as is used for DKIM. This can be overridden, but that is not recommended. The minimum key size -requirement for DKIM (and thus ARC) is in the process of being updated to -require at least a 1024 bit key. Information about the status of this effort -is at https://datatracker.ietf.org/doc/draft-ietf-dcrup-dkim-usage/ +requirement for DKIM (and thus ARC) has recently been updated to require at +least a 1024 bit key. See RFC 8301. USAGE @@ -78,7 +77,29 @@ function takes an RFC822 formatted message, and returns True or False depending on whether the signature verifies correctly. There is also a DKIM class which can be used to perform these functions in a more modern way. -Two helper programs are also supplied: dkimsign.py and dkimverify.py. +RFC8301 updated DKIM requirements in two ways: + +1. It set the minimum valid RSA key size to 1024 bits. +2. It removed use of rsa-sha1. + +As of version 0.7, the dkimpy defaults largely support these requirements. + +It is possible to override the minimum key size to a lower value, but this is +strongly discouraged. As of 2018, keys much smaller than the minimum are not +difficult to factor. + +The code for rsa-sha1 signing and verification is retained, but not used for +signing by default. Future releases will raise warnings and then errors when +verifying rsa-sha1 signatures. There are still some significant users of +rsa-sha1 signatures, so operationally it's premature to disable verification +of rsa-sha1. + +Three helper programs are also supplied: dknewkey.py, dkimsign.py and +dkimverify.py. + +dknewkey.py is s script that produces private and public key pairs suitable +for use with DKIM. Note that the private key file format used for ed25519 is +not standardized (there is no standard) and is unique to dkimpy. dkimsign.py is a filter that reads an RFC822 message on standard input, and writes the same message on standard output with a DKIM-Signature line