On March 6, 2024 10:41:51 PM UTC, Steffen Nurpmeso <stef...@sdaoden.eu> wrote:
>Scott Kitterman wrote in
> <c9ef0654-c410-46dc-b9a7-716e3eca0...@kitterman.com>:
> |On March 6, 2024 9:56:50 PM UTC, Steffen Nurpmeso <stef...@sdaoden.eu> \
> |wrote:
> |>--- Forwarded from Steffen Nurpmeso <stef...@sdaoden.eu> ---
> |>Date: Wed, 06 Mar 2024 22:49:48 +0100
> |>Author: Steffen Nurpmeso <stef...@sdaoden.eu>
> |>From: Steffen Nurpmeso <stef...@sdaoden.eu>
> |>...
> |>Subject: Re: [pfx] Recommendation for dkim signing
> |>Message-ID: <20240306214948.V5gSjSiU@steffen%sdaoden.eu>
> |>...
> |>
> |>...
> |>So now that i have DKIM myself i tested.
> |>And *no* verification software i can reach actually supports
> |>Ed25519-sha256 as of RFC 8463 from September 2018!
> |
> |In addition to my dkimpy-milter, exam supports it and believe opendkim \
>
>Yes, you do support it. I know of no endpoint i could reach out
>to test this, however. But yes, of course your software
>thankfully supports it.
>
> |does as well. Their combined market share no doubt rounds to zero, \
> |but the software does exist.
>
>exam i do not know, and OpenDKIM i am pretty sure does not support
>it, at least the Sourceforge.net thing; i have a local copy and
>the last change was in 2015.
>
> |This isn't horrible. The main reason for RFC 8463 was, in my view, \
> |as a hedge for some discovery that suddenly made RSA obsolete, which \
> |hasn't happened yet. From a standards perspective, it is there if needed.
>
>It greatly reduces the size of the headers, too. And of the DNS
>entries, and the DNS traffic as such, in UDP.
>
>I would speak contra and say it is a terrible picture.
>And one mail i would have written right now in the queue.
For opendkim, you need to look on GitHub. There has been some further
development there.
Scott K
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
