On Fri 11/Jul/2025 17:48:06 +0200 John R Levine wrote:
> On Fri, 11 Jul 2025, Alessandro Vesely wrote:
>> But why multiple signatures? Is it to let verifiers choose what algorithm
>> they prefer?
>
> No, it's so that signers can sign without having to know what algorithm(s) the
> verifiers can handle.

Does that mean that signers must support all standardized algorithms or only a
subset of them will be mandatory?

> For existing DKIM, I'm not surprised that nobody uses ed25519. RSA signatures
> work fine, and the lower cost of ed25519 signatures isn't usually worth the
> hassle of switching. Also, the widely used opendkim library is abandonware and
> only supports RSA.

(The last time I downloaded it, ed25519 was supported, albeit only for OpenSSL.)

Best
Ale