DkimVerifierBaseMinimumRsaKeyLength Property

Get or set the minimum allowed RSA key length.

Namespace: MimeKit.Cryptography
Assembly: MimeKit (in MimeKit.dll) Version: 4.7.1

Syntax

public int MinimumRsaKeyLength { get; set; }

Property Value

Int32
The minimum allowed RSA key length.

Remarks

Gets the minimum allowed RSA key length.

Security Note
The DKIM specifications specify a single signing algorithm, RSA, and recommend key sizes of 1024 to 2048 bits (but require verification of 512-bit keys). As discussed in US-CERT Vulnerability Note VU#268267, the operational community has recognized that shorter keys compromise the effectiveness of DKIM. While 1024-bit signatures are common, stronger signatures are not. Widely used DNS configuration software places a practical limit on key sizes, because the software only handles a single 256-octet string in a TXT record, and RSA keys significantly longer than 1024 bits don't fit in 256 octets.

Security Note

The DKIM specifications specify a single signing algorithm, RSA, and recommend key sizes of 1024 to 2048 bits (but require verification of 512-bit keys). As discussed in US-CERT Vulnerability Note VU#268267, the operational community has recognized that shorter keys compromise the effectiveness of DKIM. While 1024-bit signatures are common, stronger signatures are not. Widely used DNS configuration software places a practical limit on key sizes, because the software only handles a single 256-octet string in a TXT record, and RSA keys significantly longer than 1024 bits don't fit in 256 octets.

Reference

DkimVerifierBase Class

MimeKit.Cryptography Namespace