Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

NIOS DNS DHCP IPAM

Reply

DKIM 4096 bit keylength

New Member
Posts: 1
1051     0

Hello, does infoblox support a DKIM record of 4096 bit keylength? If so, how does one implement this as the field for a txt record is only 512 characters long?

Re: DKIM 4096 bit keylength

Techie
Posts: 34
1052     0

You gotta split the strings. Create multiple records of the same name.

 

Per RFC 4408 3.1.3:

As defined in [RFC1035] sections 3.3.14 and 3.3, a single text DNS record (either TXT or SPF RR types) can be composed of more than one string. If a published record contains multiple strings, then the record MUST be treated as if those strings are concatenated together without adding spaces.

 

For example:

IN TXT "v=spf1 .... first" "second string..."
MUST be treated as equivalent to

IN TXT "v=spf1 .... firstsecond string..."
SPF or TXT records containing multiple strings are useful in constructing records that would exceed the 255-byte maximum length of a string within a single TXT or SPF RR record.

 

Note that this is NOT the same as having multiple records at the same label

@ IN TXT “something”

@ IN TXT “something else”

Is not the same as

@ IN TXT “something” “something else”

 

The above will always come out the same, important for key data. The former/first will undoubtedly come out the wrong way round sometimes.

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You