From: Murray S. Kucherawy <msk@se...> - 2008-07-21 22:13:15
On Mon, 21 Jul 2008, Mike Markley wrote:
> I received this bug report on the Debian package of dk-milter. Could be
> a resolver issue, although this build is done without arlib. Thoughts?
> ----- Forwarded message from Richard A Nelson <cowboy@...> -----
> My guess, without looking at the code, is that it must be getting a
> short resonce from some DNS server (the PUBKEY has to come from DNS) ?
Short or corrupted, I agree. The TXT record at
default._domainkey.virtuousgeek.org doesn't seem to be unusually large so
I doubt it's truncation by the DNS, but maybe it wasn't pasted into the
TXT record properly.
If I take that record's content and stick it in a text file and add the
delimiters that OpenSSL requires, I get:
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
Then I ask OpenSSL to use it:
> openssl rsa -pubin < X
read RSA key
unable to load key
56534:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:777:
...so it seems a lot like the data's damaged.