Difference between pages "GnuPG" and "DomainKeys Identified Mail"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Initial stub)
 
(New page: {{Expand}} '''DomainKeys Identified Mail''' ('''DKIM''') is a method for signing email messages to help eliminate spam. The signature in each message should give the domain (<tt>d=</tt>...)
 
Line 1: Line 1:
 
{{Expand}}
 
{{Expand}}
  
At this time there are no known ''forensic'' weaknesses in GnuPG. That is, there is no technique to decrypt messages without the correct keys except for a brute force attack. Because of the nature of the cryptosystem involved, such attacks are impractical.
+
'''DomainKeys Identified Mail''' ('''DKIM''') is a method for signing email messages to help eliminate spam.
 +
 
 +
The signature in each message should give the domain (<tt>d=</tt>) and selector (<tt>s=</tt>). The appropriate key can be retrived as a TXT [[Domain Name System|DNS]] record from the host <tt>''selector''._domainkey.''domain''</tt>). A sample message from Gmail had the following DKIM header:
 +
 
 +
<pre>
 +
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
 +
        d=gmail.com; s=beta;
 +
</pre>
 +
 
 +
We can thus retrieve the Gmail key with:
 +
 
 +
<pre>$ host -t txt beta._domainkey.gmail.com
 +
beta._domainkey.gmail.com descriptive text "t=y\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC69TURXN3oNfz+G/m3g5rt4P6nsKmVgU1D6cw2X6BnxKJNlQKm10f8tMx6P6bN7juTR1BeD8ubaGqtzm2rWK4LiMJqhoQcwQziGbK1zp/MkdXZEWMCflLY6oUITrivK7JNOLXtZbdxJG2y/RAHGswKKyVhSP9niRsZF/IBr5p8uQIDAQAB"</pre>
 +
 
  
 
== External Links ==
 
== External Links ==
* [http://www.gnupg.org/ Official website]
+
* [http://www.dkim.org/ Official website]
* [http://en.wikipedia.org/wiki/Gnupg Wikipedia entry on GnuPG]
+
* [http://en.wikipedia.org/wiki/DomainKeys_Identified_Mail Wikipedia entry on DKIM]

Revision as of 13:21, 29 April 2007

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

DomainKeys Identified Mail (DKIM) is a method for signing email messages to help eliminate spam.

The signature in each message should give the domain (d=) and selector (s=). The appropriate key can be retrived as a TXT DNS record from the host selector._domainkey.domain). A sample message from Gmail had the following DKIM header:

DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=gmail.com; s=beta;

We can thus retrieve the Gmail key with:

$ host -t txt beta._domainkey.gmail.com
beta._domainkey.gmail.com descriptive text "t=y\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC69TURXN3oNfz+G/m3g5rt4P6nsKmVgU1D6cw2X6BnxKJNlQKm10f8tMx6P6bN7juTR1BeD8ubaGqtzm2rWK4LiMJqhoQcwQziGbK1zp/MkdXZEWMCflLY6oUITrivK7JNOLXtZbdxJG2y/RAHGswKKyVhSP9niRsZF/IBr5p8uQIDAQAB"


External Links