Scott Kitterman wrote in <c9ef0654-c410-46dc-b9a7-716e3eca0...@kitterman.com>: |On March 6, 2024 9:56:50 PM UTC, Steffen Nurpmeso <stef...@sdaoden.eu> \ |wrote: |>--- Forwarded from Steffen Nurpmeso <stef...@sdaoden.eu> --- |>Date: Wed, 06 Mar 2024 22:49:48 +0100 |>Author: Steffen Nurpmeso <stef...@sdaoden.eu> |>From: Steffen Nurpmeso <stef...@sdaoden.eu> |>... |>Subject: Re: [pfx] Recommendation for dkim signing |>Message-ID: <20240306214948.V5gSjSiU@steffen%sdaoden.eu> |>... |> |>... |>So now that i have DKIM myself i tested. |>And *no* verification software i can reach actually supports |>Ed25519-sha256 as of RFC 8463 from September 2018! | |In addition to my dkimpy-milter, exam supports it and believe opendkim \
Yes, you do support it. I know of no endpoint i could reach out to test this, however. But yes, of course your software thankfully supports it. |does as well. Their combined market share no doubt rounds to zero, \ |but the software does exist. exam i do not know, and OpenDKIM i am pretty sure does not support it, at least the Sourceforge.net thing; i have a local copy and the last change was in 2015. |This isn't horrible. The main reason for RFC 8463 was, in my view, \ |as a hedge for some discovery that suddenly made RSA obsolete, which \ |hasn't happened yet. From a standards perspective, it is there if needed. It greatly reduces the size of the headers, too. And of the DNS entries, and the DNS traffic as such, in UDP. I would speak contra and say it is a terrible picture. And one mail i would have written right now in the queue. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim