chore: Change setup config dkim default key size to 2048 (open-dkim)#3508
Merged
polarathene merged 10 commits intodocker-mailserver:masterfrom Aug 28, 2023
Merged
Conversation
4096-bit is excessive in size for DKIM key. 2048-bit is plenty.
polarathene
added
area/security
area/scripts
area/documentation
kind/update
polarathene
force-pushed
the
chore/open-dkim-change-default-2048
branch
from
dd457e0 to
7e040ba
Compare
- The examples use `keysize 2048`, but as that's the new default it makes sense to change that. - Other help text was also revised. - Last example for domains did not need to demonstrate the other options. Changed example domains to more appropriate values.
Primarily for the change in default key size, but does revise some text to better communicate to the user. - While the referenced RFC advises 512-bit to 2048-bit key size, we now explicitly discourage `512-bit` as it's not secure. `1024-bit` is still likely safe for most, but `2048-bit` is a good default for those not rotating their keys. - Adjusted the domains example to match the new `setup config dkim domain` domains example. - Tip for changing default key size changed to "info" with added clarity of lowering security or increasing it (excessively). - Rspamd section is minor formatting changes, with the exception of clarifying the "main domain" for the mail accounts is assumed as the DMS FQDN with any subdomain (like `mail.`) stripped away. This is not great, but a legacy issue that needs to be addressed in future. - `docs-rspamd-override-d` ref removed, and usage replaced with equivalent ref `docs-rspamd-config-dropin`, while `docs-rspamd-config-declarative` ref was not in use and also removed. - Revised the `<selector>.txt` DNS formatting info section to better communicate with the reader. Additionally it had mixed usage of default `mail` and custom `dkim-rsa` selectors (_file content and output_).
- Adopt the help options format style from the `rspamd-dkim` into `open-dkim` command. And convert `./setup.sh` to `setup`. `selector` option has been implemented. for a while now. - Update `rspamd-dkim` examples help output to align with `open-dkim` command examples. - Give both DKIM command tools a consistent description. The two tools differ in support for the `domain` option (_implicit domain sourcing for default account provisioner, and support for multiple domains as input_). - DKIM docs for LDAP domain support revised to better communicate when explicit domain config is necessary.
`rspamd_dkim.bats`: - Update assert for command help output. - Don't bother creating a DKIM key at 512-bit size. `setup_cli.bats`: - Update assert for command help output of the `setup config dkim` (OpenDKIM) command.
The linked discussion from 2021 does mention this updated RFC over the original. That removes outdated advice about `512-bit` key length support. The discussion link is still kept to reference a comment for the reader to better understand the security strength of 2048-bit RSA keys and why larger keys are not worthwhile, especially for DKIM.
Should be fine to be DRY here, not specific to `open-dkim` or `rspamd` generation/support. Previously rspamd lacked support of an equivalent command in DMS.
- Shifted out the info admonition on key size advice out of the content tabs as it's now generic information. - Indented the 4096-bit warning into this, which is less of a concern as the default for our DKIM generation tools is consistently 2048-bit now. - Reworked the LDAP and Rspamd multi-domain advice. To avoid causing a bad diff, these sections haven't been moved/merged yet.
Advice for managing domains individually with LDAP and Rspamd extracted out of the content tabs. Default domain behaviour explained with extra info about OpenDKIM + FILE provisioner sourcing extra domains implicitly.
polarathene
force-pushed
the
chore/open-dkim-change-default-2048
branch
from
7e040ba to
c50ba78
Compare
This comment was marked as outdated.
This comment was marked as outdated.
Member
Author
Old
Edge docs for Rspamd section has a multi-domain admonition: 
New
Expanded admonitions: 
|
casperklein
approved these changes
Aug 28, 2023
georglauterbach
approved these changes
Aug 28, 2023
Contributor
|
Documentation preview for this PR is ready! 🎉 Built with commit: 21c03a9 |
1 task
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
I originally raised this change as desired back in a March 2021 discussion (and again by me recently in April 2023 and Aug 2023), detailing why we should be set the default to 2048 (revert rather, as the change from
2048to4096wasn't justified well but got through review).Additional history for how the default became 4096 is detailed in:
open_dkim.bats#3060 (Feb 2023)I finally got around to tackling it 🎉 and improved the related DKIM docs and help command output while at it.
The DKIM UX and docs could probably do with some more improvements, but I mostly wanted to address the bad default of
4096-bitdefault key size. Potentially a breaking change if users rely on implicit defaults with automated config/deployment scripts.Extra reference from RFC documents
Our docs reference RFC 6376, and I'll update that to reflect changes from RFC 8301 as noted below, and cited in the original March 2021 discussion referenced to motivate this change in DMS.
RFC 8301
3.2Key Sizes (Jan 2018, Updates: RFC 6376):Compared to RFC 6376
3.3.3Key Sizes (Sep 2011), the 1024-bit requirement for signers changed from long-lived keys to ALL keys, and that the verifiers minimum range for validation was raised to 1024-bit from 512-bit.It additionally notes key size choice should be influenced by:
1024-bit should be fine, especially with key rotation and the lower impact to security when compromised vs private keys for other security purposes. 2048-bit should place more of our audience at ease, where those that prefer the perks of smaller key sizes are advised to adopt ECC keys (supported with rspamd, along with RSA fallback).
NOTE: Each commit has a message detailing changes, may provide extra context for review or easier to follow diffs.
Type of change
Checklist:
docs/)