On Thu, Jul 10, 2025 at 10:52 AM John Levine <[email protected]> wrote:
> It appears that Wei Chuang <[email protected]> said:
> >
> >Hi all,
> >I'm announcing the Internet-Draft for the "Domain Name specification for
> >DKIM2".
> >https://datatracker.ietf.org/doc/draft-chuang-dkim2-dns/02/
> >
> >DKIM2 intends to be compatible with the existing DKIM installed base of
> >keys hence this part of the specification is essentially the same as
> >RFC6376 with an update for more modern algorithms.
> ...
>
> It mostly looks fine but I have a few questions.
>
> It currently only lists k=rsa for RSA signatures. If we're only going to
> have one signature scheme, it should be k=ed25519 since those signatures are
> smaller and faster to compute and verify.

That's an oversight on my part. I can add that in when the upload service is open again.

> When we added a new crypto algorithm we realized that you can only have one
> key per selector. I gather the plan is to allow multiple signatures
> in the same dkim2-signature header so the key records will need to allow
> that.
>
> One possibility would be to relax the rule about one key TXT record per selector
> to allow multiple records but the k= values have to be different, e.g. k=ed25519
> in one and k=postquantum in the other. Another possibility would be to keep it
> one record, but make the k= h= p= be comma-separated lists rather than single
> values.

IMO either of these approaches could be sensible. Happy to document once a particular direction is settled upon, especially wrt how the signature will be specified. My guess is that the comma-separated approach will be a little bit more straightforward to specify.

-Wei

> R's,
> John
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
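The two key-record layouts John sketches, worked through as an added example that is not code from the draft or from anyone in the thread: a parser for a DKIM key TXT record that also accepts comma-separated k=/h=/p= lists (a hypothetical rendering of the single-record proposal), plus a merge step for the several-records-per-selector proposal that rejects a repeated k=. The RFC 6376 default of k=rsa and the handling of h= as either one value for all keys or one per key are assumptions.

```python
# Added example; the comma-separated list syntax is a hypothetical rendering of
# the proposal, not something draft-chuang-dkim2-dns-02 defines.
from dataclasses import dataclass

@dataclass(frozen=True)
class KeyEntry:
    key_type: str      # k= value, e.g. "rsa", "ed25519"
    hash_algs: tuple   # h= value split on ':'; () means any hash
    public_key: str    # p= value as published (base64 text); "" means revoked

def parse_tags(record: str) -> dict:
    """Split 'tag=value; tag=value' into a dict; duplicate or bare tags are rejected."""
    tags = {}
    for part in record.split(";"):
        if not part.strip():
            continue
        name, sep, value = part.partition("=")
        name = name.strip()
        if not sep or not name or name in tags:
            raise ValueError(f"bad or duplicate tag in {part!r}")
        tags[name] = value.strip()
    return tags

def parse_key_record(record: str) -> list:
    """One KeyEntry per position of the comma-separated lists; a plain RFC 6376
    record is just the one-element case. Assumption: h= is either a single value
    applying to every key or a list with exactly one value per key."""
    tags = parse_tags(record)
    if "p" not in tags:
        raise ValueError("missing required p= tag")
    types = [t.strip() for t in tags.get("k", "rsa").split(",")]   # RFC 6376 default
    keys = [k.strip() for k in tags["p"].split(",")]
    hashes = [h.strip() for h in tags["h"].split(",")] if "h" in tags else [""]
    if len(hashes) == 1:
        hashes = hashes * len(types)
    if not len(types) == len(keys) == len(hashes):
        raise ValueError("k=, h= and p= lists must have the same length")
    if len(set(types)) != len(types):
        raise ValueError("a selector must not list the same k= twice")
    return [KeyEntry(t, tuple(filter(None, h.split(":"))), k)
            for t, h, k in zip(types, hashes, keys)]

def merge_selector(records: list) -> dict:
    """Combine several TXT records published under one selector (the other
    proposal). k= must differ across records, so the result maps k= -> KeyEntry."""
    merged = {}
    for entry in (e for r in records for e in parse_key_record(r)):
        if entry.key_type in merged:
            raise ValueError(f"k={entry.key_type} published twice under one selector")
        merged[entry.key_type] = entry
    return merged
```

Either function raises ValueError on the conditions John's rule would forbid, so a verifier can treat such a selector as unusable rather than guess which key was meant.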
