Dňa 27. apríla 2023 18:23:10 UTC používateľ John Levine via mailop <mailop@mailop.org> napísal: >It appears that postfix--- via mailop <post...@sfina.com> said: >>Did the German government not require a switch to ed25519? > >Not that I'm aware of. If they did, their mail would stop working >since essentially nobody validates ed25519 signatures yet. > >>And would ed25519 not be better than any RSA? > >Sure, but at this point the benefits are not worth the effort of >upgrading software and rekeying. You'd also need a very long >transition period with both kinds of signature which would need >separate keys (there's only one key in each DNS record) so you'd >have twice as many keys and twice as many signatures to manage.
And instead of this, we will seggest longer and longer DKIM keys, until (at some point) the RSA keys will be longer than average email and verifying that signature will consume many times more power than whole email transport... Just because nobody uses Ed25519, as nobody requires it, and nobody requires it as nobody uses it... Or the real reason lies in something totally different? regards -- Slavko https://www.slavino.sk/ _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
