@hanno hang on, *Entrust* was using a Debian weak key for their DKIM signing? That's just made my day.