2013/09/11

Selector of Facebook's DKIM Key

Interesting, when I looked at the header of an email from Facebook, I found the DKIM Signature as follows:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=facebookmail.com; 
    s=s1024-2011-q2; t=1378874220; 
    bh=RZqavvVaT/9/C1fdtvELn/vrEJC9Q5C/X8tnCwdRrhs=; 
    h=Date:To:From:Subject:MIME-Version:Content-Type; 
    b=FXKVjd7kn/lF5PnDTngllmI72AJ+iuHIFLmoFhUJMGsN1NBbcLkSNctqB12hYBBUN 
     eJknvOHvvqRNEliiZATpKHORQoaR8EGGZNTdCVkbsMZj9xTW+pPH4HZgfH4yk3IzQz 
     O4gK1bnIXD7k5aI+ndToMPeoj676W6PO6Hr4hpnY= 

The selector is named s1024-2011-q2. Well, I can understand that a 1024-bit key is used and that the key has been in service since Q2 of 2011. Facebook has not changed the key pair for over three years. It is a bad and unacceptable security practice!
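
As an added example (not part of the original post), this Python snippet parses the header quoted above, derives the DNS name where the public key is published, and reads the RSA key size from the length of the b= signature instead of trusting the selector name. The function names and the 2048-bit audit threshold are assumptions of this example.

```python
import base64
import re
from datetime import datetime, timezone

# DKIM-Signature header value as quoted in the post above (folding kept).
HEADER = """v=1; a=rsa-sha256; c=relaxed/simple; d=facebookmail.com;
    s=s1024-2011-q2; t=1378874220;
    bh=RZqavvVaT/9/C1fdtvELn/vrEJC9Q5C/X8tnCwdRrhs=;
    h=Date:To:From:Subject:MIME-Version:Content-Type;
    b=FXKVjd7kn/lF5PnDTngllmI72AJ+iuHIFLmoFhUJMGsN1NBbcLkSNctqB12hYBBUN
     eJknvOHvvqRNEliiZATpKHORQoaR8EGGZNTdCVkbsMZj9xTW+pPH4HZgfH4yk3IzQz
     O4gK1bnIXD7k5aI+ndToMPeoj676W6PO6Hr4hpnY="""

MIN_RSA_BITS = 2048  # assumed audit threshold, not a value from the post


def parse_tags(value):
    """Split an RFC 6376 tag-list ("k=v; k=v") into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            # Split on the first "=" only: base64 values end in "=" padding.
            name, _, val = part.partition("=")
            tags[name.strip()] = val.strip()
    return tags


def audit(value):
    """Report where the key lives, when the mail was signed, and key size."""
    tags = parse_tags(value)
    # Folding whitespace inside b= is not part of the signature.
    sig = base64.b64decode(re.sub(r"\s+", "", tags["b"]))
    report = {
        # The public key is a TXT record at <selector>._domainkey.<domain>.
        "key_record": f"{tags['s']}._domainkey.{tags['d']}",
        "signed_at": datetime.fromtimestamp(int(tags["t"]), tz=timezone.utc),
        "rsa_bits": None,
    }
    if tags["a"].startswith("rsa-"):
        # An RSA signature is as long as the modulus (in whole bytes).
        report["rsa_bits"] = len(sig) * 8
    bits = report["rsa_bits"]
    report["weak"] = bits is not None and bits < MIN_RSA_BITS
    return report


if __name__ == "__main__":
    for field, result in audit(HEADER).items():
        print(f"{field}: {result}")
```

The signature length confirms the key size even when a selector name carries no such hint; the key's age still has to come from the selector name or from DNS history.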
