Steffen Nurpmeso wrote in <20240414005126.pzjJO4pr@steffen%sdaoden.eu>: |Thanks to Hanno Böck (known from ossec and more) i was pointed to |my falsely published ED25519 DKIM key. |Until now that simply was the complete ED25519 public key, just |like for RSA, instead of extracting the actual "bitstring data" |from the standardized ASN.1 container, which starts at offset 16 |(or -offset=12 if you use "openssl asn1parse -noout -out -" aka |the binary blob). | |I realize that RFC 8463 says repeatedly that the base64-encoded |representation of an ED25519 key is 44 bytes, and that the |examples go for this. Still there is no wording that the entire |ASN.1 structure shall be thrown away.
That cannot be the reason Google, Microsoft and more do not support that, right. It is a bit bizarre that these huge RSA keys are used all over the place, whereas the even stripped-naked ones are not. A nice Sunday i wish to everyone, if at all possible. Ciao from Germany, --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim
