On Thu 21/Dec/2023 14:53:55 +0100 Mike Hillyer via mailop wrote:
John Said:
I'm sure that Google has code somewhere that can validate ED25519
signatures. But that does not mean that it would be a good idea for them
to use that code in production today and try to update their reputation
systems to deal with the dual signing that implies.
With the number of messages already arriving with multiple DKIM signatures I
can't imagine their reputation systems don't already handle dual signing just
fine.
Google keep reporting <result>fail</result> for ed25519 signatures. Ditto for
Comcast. Yahoo say <result>permerror</result>, like Verizon. Microsoft don't
even mention that selector...
It seems only (few) small servers dare implementing ed25519.
I don't understand why. The meaning of signatures is not altered by the a=
tag, so updating a reputation system in order to accomodate a different
verification algorithm should only require a small, localized change. Not a
staggering defeat.
What am I missing?
Best
Ale
--
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
