Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS: Investigate supporting 2048-bit DKIM keys #80819

Closed
arinoch opened this issue Aug 18, 2023 · 11 comments
Closed

DNS: Investigate supporting 2048-bit DKIM keys #80819

arinoch opened this issue Aug 18, 2023 · 11 comments
Labels
Customer Report Issues or PRs that were reported via Happiness. Previously known as "Happiness Request". [Feature] Domain Management Tools for managing your site's domain(s). [Feature Group] Emails & Domains Features related to email integrations and domain management. [Pri] Normal Schedule for the next available opportuinity. [Product] WordPress.com All features accessible on and related to WordPress.com. Triaged To be used when issues have been triaged. [Type] Feature Request Feature requests

Comments

@arinoch
Copy link

arinoch commented Aug 18, 2023

What

I would like the ability to allow for TXT records longer than 255 characters, which would enable support for a more secure 2048-bit DKIM key.

Why

1024-bit security keys, which are the longest security keys that will fit in a 255-character TXT record, have been discouraged since 2014 for SSL certificates, as well as more generally by the NIST. Some email providers, such as the one used by our user in 6685037-zd-a8c, are refusing to be backwards compatible for security reasons. Allowing for a longer TXT record, therefore, will by default make our users' DKIM keys more secure.

How

Google suggests one way and provides examples, which is to split a longer key into 255-character chunks (each individually quoted). If extending the length of this record type is not possible, can we support splitting records as described in the Google example?
@arinoch arinoch added [Feature Group] Emails & Domains Features related to email integrations and domain management. [Type] Feature Request Feature requests [Product] WordPress.com All features accessible on and related to WordPress.com. [Feature] Domain Management Tools for managing your site's domain(s). labels Aug 18, 2023
@github-actions
Copy link

github-actions bot commented Aug 18, 2023
edited
Loading

Support References

This comment is automatically generated. Please do not edit it.

@github-actions github-actions bot added the Customer Report Issues or PRs that were reported via Happiness. Previously known as "Happiness Request". label Aug 18, 2023
@cuemarie
Copy link

📌 ACTIONS

  • Feature request kept

@cuemarie cuemarie added the [Campaign] Google Domains Takeover Isseus related to Google Domains Takeover efforts (2023) label Aug 21, 2023
@cuemarie cuemarie moved this from Needs Triage to To Do in Automattic Prioritization: The One Board ™ Aug 21, 2023
@cuemarie cuemarie added [Pri] Normal Schedule for the next available opportuinity. User Report labels Aug 21, 2023
@DavidSaladu
Copy link

This customer insisted on it as well 6711206-zd-a8c

@cuemarie
Copy link

FYI @Automattic/nomado - would y'all know if is this on the horizon for domains?

@delputnam
Copy link
Contributor

delputnam commented Aug 25, 2023
edited
Loading

This is a limitation of our current version of PowerDNS. Systems is working to migrate to the new version. Once that cutover is complete, we can remove the 255 character limit on TXT rdata.

Splitting records into multiple "chunks" won't work on this version of PDNS either.

(This cutover is also related to DNSSEC support.)

@cuemarie cuemarie removed the [Campaign] Google Domains Takeover Isseus related to Google Domains Takeover efforts (2023) label Aug 30, 2023
@cuemarie cuemarie moved this from On Hold to Triaged in Automattic Prioritization: The One Board ™ Sep 4, 2023
@cuemarie cuemarie added the Triaged To be used when issues have been triaged. label Oct 5, 2023
@jamiepalatnik
Copy link

Another request in this chat: 7131931-zd-a8c

@delputnam
Copy link
Contributor

Still awaiting the PDNS migration.

@i11za
Copy link

i11za commented Oct 28, 2023

Another request in this chat: 7227680-zd-a8c

@filipanoscampos
Copy link

Another one 7235803-zd-a8c

@nightnei
Copy link
Contributor

nightnei commented Sep 4, 2024
edited
Loading

@delputnam I remember we removed 255 limitation on Tumblr. So I wanted to ask - does it mean that we can do the same for wp.com? If so, and if you have bandwidth - add it please to your board or if you don't have bandwidth - I can do it.

@delputnam
Copy link
Contributor

@nightnei This restriction has already been removed on WPCOM. Sorry that we never updated this issue. I'll go ahead and mark it closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Customer Report Issues or PRs that were reported via Happiness. Previously known as "Happiness Request". [Feature] Domain Management Tools for managing your site's domain(s). [Feature Group] Emails & Domains Features related to email integrations and domain management. [Pri] Normal Schedule for the next available opportuinity. [Product] WordPress.com All features accessible on and related to WordPress.com. Triaged To be used when issues have been triaged. [Type] Feature Request Feature requests
Projects
Automattic Prioritization: The One Board ™
Archived in project
Milestone
No milestone
Development

No branches or pull requests
8 participants
@delputnam @filipanoscampos @nightnei @arinoch @cuemarie @jamiepalatnik @DavidSaladu @i11za