• Joshua Tauberer's avatar
    dkim 2048 bits - migration and zone file generation changes · 299a2315
    Joshua Tauberer authored
    * Add a migration to delete any existing DKIM key so that existing machines get a fresh 2048-bit key. (Sadly we don't support key rotation so the change is immediate.)
    * Because the DNS record for a 2048-bit key is so much longer, the way we read OpenDKIM's DNS record text file had to be modified to combine an arbitrary number of TXT record quoted ("...") strings.
    * When writing out the TXT record value, the string must be split into quoted ("...") strings with a maximum length of 255 bytes each, per the DNS spec.
    * Added a changelog entry.
    299a2315
migrate.py 6.1 KB