>As I recall there are issues using keys bigger than 1024 bits because >construction and/or correct interpretation of TXT records that contain keys >of that size or bigger has been problematic due to DNS provisioning >software that does the former wrong and DKIM verifiers that do the latter >wrong.
I entirely believe that the provisioning crudware gets it wrong, but I haven't heard of verifiers that don't handle multiple TXT strings. Are you thinking of any specific ones? I also agree that none of the other alleged issues are issues, although I still think that migrating to EdDSA would be a good idea. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc