Dňa 5. 11. o 9:31 Patrick Ben Koetter via mailop napísal(a): > rspamd, which has been used in the example avove, seems to handle > ed25519-sha256 verification quite well. Anyone using other DKIM verifiers > which have problems with ed25519-sha256 verification and take it badly i.e. do > anything else but note "unsupported algo" and go on happily verifying the > second rsa-sha256 sigs?
I use dual sign with ed25519 keys and i have enabled rua reports. While my domain is very low traffic, i have only small amount of reports. But i see that e.g. google verifies RSA keys as success and ED25519 keys are failed, but this does not affects DMARC success verification. E.g. reports from amazon-ses are lacking ed25519 keys at all, but again DMARC was success. When i start to use de25519 keys, i tried multiple online verifiers and most of RSA only reports message as failed DKIM at all when they meet ED25519 key. Then yes one can meet implementation which will fail DKIM, if it meet unknown algorihtm, but IMO it is pure its problem, which have to be solved from their side, as it is broken behavior. regards slavko _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
