Security & Efficacy - Securing US Government Email Guide

This article describes how you can use Mimecast's services to implement the US Government's secure email guidance. See the BOD (Binding Operational Directive) 18-01 page on the US Government's website for further details. This applies to administrators of Mimecast accounts who communicate by email with any US federal agency.

Overview

A binding operational directive (BOD) from the Department of Homeland Security (DHS) in the United States, "BOD 18-01", requires federal agencies (e.g., agencies using .mil and .gov domains) to enhance email and web security. Although web-based systems exist to generate DKIM public/private key pairs and automatically produce the corresponding DNS entries, these must not be used for federal information systems because they can compromise the organization's private key. If you send emails to these agencies, DKIM signatures using the RSA/SHA-256 algorithm and a key length of 2048 bits are required, as outlined below:

DKIM Specified Algorithm | Approved for Government Use | Recommended Length | Recommended Lifetime
RSA/SHA-1                | No                          | N/A                | N/A
RSA/SHA-256              | Yes                         | 2048 bits          | 1-2 Years
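
The following is an added example, not Mimecast's code: a check of a DKIM-Signature header and the selector's DNS TXT record against the table above (rsa-sha256, 2048-bit key). All function names are hypothetical, the sample record is constructed, and the code assumes the p= tag holds a base64 DER public key in the form `openssl rsa -pubout` produces (a bare RSAPublicKey is also accepted).

```python
import base64

def der_read(buf, pos=0):
    """Read one DER TLV at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(der_bytes):
    """Modulus size of an RSA key in SubjectPublicKeyInfo or bare RSAPublicKey form."""
    _, seq, _ = der_read(der_bytes)            # outer SEQUENCE
    tag, first, pos = der_read(seq)
    if tag == 0x30:                            # SPKI: AlgorithmIdentifier, then BIT STRING
        _, bitstr, _ = der_read(seq, pos)
        _, seq, _ = der_read(bitstr[1:])       # skip the unused-bits octet
        tag, first, _ = der_read(seq)
    if tag != 0x02:
        raise ValueError("not an RSA public key")
    return int.from_bytes(first, "big").bit_length()

def tags(value):  # parse a DKIM 'tag=value; ...' list, dropping folding whitespace
    pairs = (item.split("=", 1) for item in value.split(";") if "=" in item)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def check_dkim(signature_header, key_record):
    """Return findings against the table above: rsa-sha256 and a 2048-bit key."""
    findings = []
    alg = tags(signature_header).get("a", "").lower()
    if alg != "rsa-sha256":
        findings.append(f"signature algorithm '{alg}' is not rsa-sha256")
    p = tags(key_record).get("p", "")
    bits = rsa_modulus_bits(base64.b64decode(p)) if p else 0
    if bits < 2048:
        findings.append(f"RSA key is {bits} bits, below 2048 (0 = no key published)")
    return findings

def der(tag, body):  # minimal DER encoder, used only to build the constructed samples
    n, size = len(body), (len(body).bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_key_record(bits):
    """Constructed input: well-formed SPKI with a placeholder modulus, not a usable key."""
    modulus = b"\x00" + ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    rsa = der(0x30, der(0x02, modulus) + der(0x02, b"\x01\x00\x01"))
    alg = der(0x30, bytes.fromhex("06092a864886f70d0101010500"))  # rsaEncryption + NULL
    spki = der(0x30, alg + der(0x03, b"\x00" + rsa))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()
```

Calling `check_dkim(header_value, txt_record)` returns an empty list when both requirements are met and one finding per unmet requirement otherwise.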
